DEV.co
Open-Source Databases · dbeaver

cloudbeaver

CloudBeaver is an open-source web-based database manager that lets teams browse, query, and manage multiple databases from a single interface. Built on Java backend with TypeScript/React frontend, it supports dozens of database engines and offers SQL editing, data visualization, and admin controls.

Source: GitHub — github.com/dbeaver/cloudbeaver
5k
GitHub stars
537
Forks
TypeScript
Primary language
Apache-2.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorydbeaver/cloudbeaver
Ownerdbeaver
Primary languageTypeScript
LicenseApache-2.0 — OSI-approved
Stars5k
Forks537
Open issues117
Latest releaseUnknown
Last updated2026-07-08
Sourcehttps://github.com/dbeaver/cloudbeaver

What cloudbeaver is

CloudBeaver is a full-stack web application (Java server + TypeScript/React UI) providing GraphQL-based API access, SSH tunneling, multi-database connectivity, and SQL dialect support for PostgreSQL, MySQL, SQL Server, ClickHouse, DuckDB, and others. Recent releases show active vulnerability patching (CVE-2026-55449, CVE-2026-12151, CVE-2026-9277) and feature expansion across data editor, SQL editor, and authentication layers.

Quickstart

Get the cloudbeaver source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/dbeaver/cloudbeaver.gitcd cloudbeaver# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Multi-database inspection and ad-hoc querying across distributed teams

CloudBeaver eliminates the need for per-database desktop clients. Teams can connect to dev, staging, and production databases via a single web interface with role-based access control and audit trails (Last Login timestamps, session tracking).

Self-hosted database administration in air-gapped or regulated environments

Docker deployment with custom startup arguments, support for HTTP header authentication, and SSH tunneling allow deployment in restricted network segments without external SaaS dependencies.

Data import/export and ETL workflow automation

Built-in data transfer, multi-cell copy/paste, SQL generation, DDL extraction, and find-and-replace in data editor support one-off and repeatable data migration tasks without custom scripting.

Implementation considerations

  • Java runtime and at least 2GB RAM required for server; Docker recommended for isolation and scaling.
  • Database driver compatibility varies; verify your target engine is in the supported list (PostgreSQL 42.7.11, MySQL, H2 2.4.2, ClickHouse 0.9.7, DuckDB, Firebird, DB2 for i, SQL Server).
  • Authentication and authorization can use HTTP headers, built-in user management, or session tokens; plan RBAC model before rollout.
  • SSH tunneling is optional but requires administrator opt-in; network policies must allow outbound SSH if used.
  • Session state (column filters, sort order, tab state) now persists across reconnect and re-login (v26.1.0+); verify this behavior matches your compliance and privacy requirements.

When to avoid it — and what to weigh

  • Real-time collaborative schema editing or live data synchronization required — CloudBeaver is a read-heavy, single-user-per-session tool. It does not offer multi-user collaborative editing, conflict resolution, or operational transformation for concurrent schema changes.
  • Need for formally certified SLA, support contracts, or vendor indemnification — This is a community project maintained by DBeaver contributors. No official support tiers, SLAs, or commercial liability are stated in the repository. Enterprise CloudBeaver (paid product) exists but is separate.
  • Extensive custom data pipeline logic or proprietary integrations — CloudBeaver is a database UI tool, not a workflow orchestration platform. Custom business logic requires external tools (Apache Airflow, Kubernetes operators) and API integration.
  • Highly sensitive databases where runtime vulnerability response time is critical — While recent releases show active patching, CloudBeaver Community has no guaranteed security response SLA. Patching timelines depend on upstream library releases and community contributions.

License & commercial use

Apache License 2.0 (Apache-2.0). Permissive OSI-approved license allowing commercial use, modification, and distribution with standard liability and trademark disclaimers.

Apache 2.0 permits commercial deployment. However, this is the Community Edition; CloudBeaver also offers a separate paid Enterprise Edition. Verify that Community Edition meets your feature and support requirements. No warranty or vendor support is implied by the license alone.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitGood
Assessment confidenceHigh
Security considerations

Recent releases show active vulnerability patching (CVE-2026-55449 local file disclosure, CVE-2026-12151 in undici, CVE-2026-9277 in shell-quote, CVE-2026-4800 in lodash, CVE-2026-39363 in vite, CVE-2025-62718 in axios). Session fixation mitigated by new session ID generation on login. XSS and path validation flaws fixed in v26.1.1. SSH tunnel access now requires admin opt-in. No formal security audit or penetration test details provided. Dependency update frequency suggests responsiveness but no SLA guarantees.

Alternatives to consider

DBeaver Desktop (free/Pro)

Native desktop client with richer IDE features, offline capability, and tighter integration with OS. DBeaver Pro offers team collaboration and version control but no cloud deployment.

pgAdmin / MySQL Workbench

Database-specific web UIs with simpler architecture and native feature sets for PostgreSQL and MySQL respectively. Less flexible for multi-database scenarios.

Apache Superset / Metabase

Business intelligence and self-service analytics platforms with visualization and dashboard focus. Better for reporting and embedded analytics; weaker for DBA tasks like DDL generation and data transfer.

Software development agency

Build on cloudbeaver with DEV.co software developers

Contact Devco to architect a secure, scalable self-hosted deployment, integrate with your identity layer, and establish governance for your engineering and DBA teams.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

cloudbeaver FAQ

Can I self-host CloudBeaver Community and still use it in production?
Yes, Apache 2.0 and Docker deployment support self-hosted production use. However, no official support, SLA, or vendor indemnification applies. Document your own security review and testing before production deployment.
What databases does CloudBeaver support?
PostgreSQL, MySQL, SQL Server, ClickHouse, DuckDB, H2, Firebird, DB2 for IBM i, and others via pluggable drivers. Check the official driver list for your target engine; custom drivers require development.
Does CloudBeaver offer multi-user collaboration on queries or schema changes?
No. CloudBeaver is single-user-per-session. Concurrent access is supported via separate sessions with RBAC, but real-time collaborative editing and conflict resolution are not available.
How do I authenticate users in CloudBeaver?
Built-in user management, HTTP header authentication (Authorization / X-Api-Key), or session tokens via GraphQL. OIDC/SAML not mentioned in provided data; custom integration may be required.

Work with a software development agency

DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If cloudbeaver is part of your open-source databases roadmap, our team can implement, customize, migrate, and maintain it.

Ready to Deploy CloudBeaver?

Contact Devco to architect a secure, scalable self-hosted deployment, integrate with your identity layer, and establish governance for your engineering and DBA teams.