Lucene search
K

301 matches found

OSV
OSV
added 2026/02/21 7:57 a.m.7 views

CVE-2026-27464 Metabase: Server-Side Template Injection via Notifications Endpoint Leads to RCE

Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x through 0.58.6, authenticated users are able to retrieve sensitive information from a Metabase instance, including database access credentials. During testing, it was confirmed that a low-privileg...

7.7CVSS5.5AI score0.00257EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/21 12:0 a.m.10 views

Metabase 安全漏洞

Metabase is an open-source data analysis platform developed by the American company Metabase. Versions of Metabase prior to 0.57.13 and 0.58.6 contain security vulnerabilities. These vulnerabilities stem from improper template evaluation, which may allow low-privilege users to extract sensitive...

7.7CVSS5.8AI score0.00257EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/21 12:0 a.m.9 views

PT-2026-21369

Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x through 0.58.6, authenticated users are able to retrieve sensitive information from a Metabase instance, including database access credentials. During testing, it was confirmed that a low-privileg...

7.7CVSS5.4AI score0.00257EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/13 10:53 p.m.4 views

CVE-2026-22805

Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...

2.1CVSS6.7AI score0.002EPSS
Exploits0References1
NVD
NVD
added 2026/01/12 11:15 p.m.7 views

CVE-2026-22805

Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...

8.6CVSS0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/12 10:36 p.m.21 views

CVE-2026-22805 Metabase channel test endpoint can reach internal local addresses

Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...

2.1CVSS0.002EPSS
Exploits0References1
OSV
OSV
added 2026/01/12 10:36 p.m.8 views

CVE-2026-22805 Metabase channel test endpoint can reach internal local addresses

Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...

2.1CVSS5.8AI score0.002EPSS
Exploits0References3
CVE
CVE
added 2026/01/12 10:36 p.m.27 views

CVE-2026-22805

CVE-2026-22805 affects Metabase. Before versions 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be impacted if colocated with other unsecured resources. The issue is fixed in 55.13, 56.3, and 57.1. Affected software: Metabase open-source data ...

8.6CVSS6.3AI score0.002EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/12 10:36 p.m.2 views

CVE-2026-22805 Metabase channel test endpoint can reach internal local addresses

Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and...

2.1CVSS6.3AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/12 12:0 a.m.4 views

Metabase 代码问题漏洞

Metabase is an open source data analytics platform from US-based Metabase, Inc. A code issue vulnerability exists in Metabase versions prior to 55.13, prior to 56.3, and prior to 57.1, which stems from the fact that instances that allow users to create subscriptions may be affected...

8.6CVSS5.9AI score0.002EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.7 views

PT-2026-2314

Name of the Vulnerable Software and Affected Versions Metabase versions prior to 55.13 Metabase versions prior to 56.3 Metabase versions prior to 57.1 Description Metabase is an open-source data analytics platform. Self-hosted instances allowing user-created subscriptions may be potentially...

8.6CVSS6.6AI score0.002EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.15 views

CVE-2021-41277

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...

10CVSS6.5AI score0.97178EPSS
Exploits5References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-1507

Malware in sbrugna...

6.1CVSS6.2AI score0.00842EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-41827

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00967EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-41828

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.0079EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-14803

Malicious code in bioql PyPI...

2.1CVSS6.6AI score0.00395EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-10696

Malicious code in bioql PyPI...

1.8CVSS6.6AI score0.00337EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-41366

Malicious code in bioql PyPI...

10CVSS9.1AI score0.01124EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-52859

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00411EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-5074

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00336EPSS
Exploits0References3
Rows per page
Query Builder