Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

14 matches found

NVD
NVDadded 4 hours ago8 views

CVE-2026-13751

Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL statement reader's !source/!load directives could reference remote URLs that were retrieved at runtime without sufficient restriction on the request destination. B...

4.1CVSS
Exploits0References1
NVD
NVDadded 4 hours ago7 views

CVE-2026-13752

Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker could exploit this by supplying crafted values to vulnerable command paths, causing Snowflake CLI to execute unintended SQL in the context of the user’s Snowflake session...

6CVSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 5 hours ago3 views

CVE-2026-13752

Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker could exploit this by supplying crafted values to vulnerable command paths, causing Snowflake CLI to execute unintended SQL in the context of the user’s Snowflake session...

6CVSS5.9AI score
Exploits0References2Affected Software1
NVD
NVDadded 5 hours ago7 views

CVE-2026-13749

Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execution during application bundling or deployment. An attacker could exploit this by supplying crafted project content that is interpolated into generate...

8.8CVSS
Exploits0References1
NVD
NVDadded 5 hours ago8 views

CVE-2026-13748

Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitted to Snowflake services. An attacker could exploit this by supplying crafted repository or project content that referenced files outside the intended...

6.3CVSS
Exploits0References1
NVD
NVDadded 5 hours ago6 views

CVE-2026-13750

Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be written to persistent local debug logs. An attacker could exploit this by obtaining read access to the affected user's local log files, causing credentials such as...

5.5CVSS
Exploits0References1
CVE
CVEadded 5 hours ago8 views

CVE-2026-13751

CVE-2026-13751 affects Snowflake CLI prior to version 3.19. Improper handling of untrusted remote references in the SQL statement reader’s !source/!load directives can reference remote URLs retrieved at runtime, enabling server-side request forgery. Exploitation requires attacker-controlled conte...

4.1CVSS5.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKBadded 5 hours ago3 views

CVE-2026-13751

Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL statement reader's !source/!load directives could reference remote URLs that were retrieved at runtime without sufficient restriction on the request destination. B...

4.1CVSS5.9AI score
Exploits0References2Affected Software1
EUVD
EUVDadded 5 hours ago4 views

EUVD-2026-40147

Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL statement reader's !source/!load directives could reference remote URLs that were retrieved at runtime without sufficient restriction on the request destination. B...

4.1CVSS5.9AI score
Exploits0References1
CVE
CVEadded 5 hours ago9 views

CVE-2026-13750

Snowflake CLI contains a local-logging vulnerability prior to version 3.19 where sensitive credentials (passwords, tokens, or private key material) could be written to persistent debug logs. An attacker with read access to the affected user’s local log files could exfiltrate credentials if they a...

5.5CVSS5.8AI score
Exploits0References1
CVE
CVEadded 5 hours ago9 views

CVE-2026-13748

CVE-2026-13748 affects Snowflake CLI prior to 3.19. The vulnerability arises from improper restriction of file path resolution, allowing an attacker-controlled repository or project content to cause the CLI to read arbitrary local files and transmit or embed their contents during deployment or SQ...

6.3CVSS6AI score
Exploits0References1
EUVD
EUVDadded 5 hours ago5 views

EUVD-2026-40132

Improper neutralization of local CLI parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. A user could trigger this issue by supplying crafted values to vulnerable Cortex SQL or object listing command paths, causing Snowflake CLI to execute unintended SQL in the...

3.6CVSS5.9AI score
Exploits0References1
CVE
CVEadded 5 hours ago6 views

CVE-2026-13746

The CVE-2026-13746 issue affects Snowflake CLI prior to version 3.19, arising from improper neutralization of local CLI parameters. An attacker could trigger unintended SQL execution by supplying crafted values to vulnerable Cortex SQL or object-listing CLI paths, with exploitation limited to sel...

3.6CVSS5.9AI score
Exploits0References1
Cvelist
Cvelistadded 5 hours ago7 views

CVE-2026-13744 Snowflake CLI SQL Injection Through Improper Neutralization of User-Controlled Input

Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repository content, project configuration, manifest data, or specification input, an attacker could cause Snowflake CLI to execute unintended SQL i...

8.3CVSS
Exploits0References1
Rows per page
Query Builder