CVE-2026-13749 Snowflake CLI Arbitrary Code Execution via Snowpark Annotation Processor Template Injection
Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execution during application bundling or deployment. An attacker could exploit this by supplying crafted project content that is interpolated into generate...