301 matches found
CVE-2026-27464 Metabase: Server-Side Template Injection via Notifications Endpoint Leads to RCE
Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x through 0.58.6, authenticated users are able to retrieve sensitive information from a Metabase instance, including database access credentials. During testing, it was confirmed that a low-privileg...
Metabase 安全漏洞
Metabase is an open-source data analysis platform developed by the American company Metabase. Versions of Metabase prior to 0.57.13 and 0.58.6 contain security vulnerabilities. These vulnerabilities stem from improper template evaluation, which may allow low-privilege users to extract sensitive...
PT-2026-21369
Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x through 0.58.6, authenticated users are able to retrieve sensitive information from a Metabase instance, including database access credentials. During testing, it was confirmed that a low-privileg...
CVE-2026-22805
Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...
CVE-2026-22805
Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...
CVE-2026-22805 Metabase channel test endpoint can reach internal local addresses
Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...
CVE-2026-22805 Metabase channel test endpoint can reach internal local addresses
Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...
CVE-2026-22805
CVE-2026-22805 affects Metabase. Before versions 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be impacted if colocated with other unsecured resources. The issue is fixed in 55.13, 56.3, and 57.1. Affected software: Metabase open-source data ...
CVE-2026-22805 Metabase channel test endpoint can reach internal local addresses
Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...
Metabase 代码问题漏洞
Metabase is an open source data analytics platform from US-based Metabase, Inc. A code issue vulnerability exists in Metabase versions prior to 55.13, prior to 56.3, and prior to 57.1, which stems from the fact that instances that allow users to create subscriptions may be affected...
PT-2026-2314
Name of the Vulnerable Software and Affected Versions Metabase versions prior to 55.13 Metabase versions prior to 56.3 Metabase versions prior to 57.1 Description Metabase is an open-source data analytics platform. Self-hosted instances allowing user-created subscriptions may be potentially...
CVE-2021-41277
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...
EUVD-2018-1507
Malware in sbrugna...
EUVD-2022-41827
Malicious code in bioql PyPI...
EUVD-2022-41828
Malicious code in bioql PyPI...
EUVD-2025-14803
Malicious code in bioql PyPI...
EUVD-2025-10696
Malicious code in bioql PyPI...
EUVD-2023-41366
Malicious code in bioql PyPI...
EUVD-2024-52859
Malicious code in bioql PyPI...
EUVD-2025-5074
Malicious code in bioql PyPI...