562 matches found
PT-2026-53321
Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Improper handling of untrusted remote references allows server-side request forgery SSRF, a condition where a server is coerced into making requests to an unintended destination. The SQL stateme...
PT-2026-53322
Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Improper neutralization of parameters allows unintended SQL execution. An attacker can exploit this by providing crafted values to vulnerable command paths, leading the CLI to execute unauthoriz...
PT-2026-53313
Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Sensitive information is inserted into log files in plaintext. This occurs when credentials, such as passwords, tokens, or private key material, are written to persistent local debug logs. An...
CVE-2026-28381
The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries against the data source to read/write files between the local grafana server and the connected Snowflake host...
CVE-2026-28381
The CVE affects the Grafana Snowflake data source: GET/PUT commands can enable a user with access to read/write files between the local Grafana server and the connected Snowflake host, potentially impacting confidentiality and integrity (per metrics: HIGH/ HIGH). Root cause and exact vulnerable c...
EUVD-2026-38244
The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries against the data source to read/write files between the local grafana server and the connected Snowflake host...
CVE-2026-28381 Local File Read/Write to Potential Privilege Escalation via Snowflake GET/PUT
The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries against the data source to read/write files between the local grafana server and the connected Snowflake host...
GHSA-W75W-9QV4-J5XJ vulnerabilities
Vulnerabilities for packages: dbt-snowflake, dbt-bigquery...
CVE-2026-29790 vulnerabilities
Vulnerabilities for packages: dbt-snowflake, dbt-bigquery...
CVE-2026-42237
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the fix for GHSA-f3f2-mcxc-pwjx did not cover the Snowflake node or the legacy MySQL v1 node. Both nodes construct SQL queries by directly interpolating user-controlled table names, column names, a...
CVE-2026-41490
Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to Dagster libraries version 0.29.1, the DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating...
CVE-2026-6442
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent...
ROOT-APP-PYPI-CVE-2025-24793 CVE-2025-24793 in rootio-snowflake-connector-python - Patched by Root
Root has patched CVE-2025-24793 in the rootio-snowflake-connector-python package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-50213 CVE-2025-50213 in rootio-apache-airflow-providers-snowflake - Patched by Root
Root has patched CVE-2025-50213 in the rootio-apache-airflow-providers-snowflake package for Root:PyPI. Multiple fixed versions available...
CVE-2026-46427
Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is DatasourceFieldType.PASSWORD. The Snowflake integration types its privateKey field as...
CVE-2026-46427
Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is DatasourceFieldType.PASSWORD. The Snowflake integration types its privateKey field as...
CVE-2026-46427 Budibase: Snowflake private key returned unmasked from datasource API to BASIC users
Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is DatasourceFieldType.PASSWORD. The Snowflake integration types its privateKey field as...
EUVD-2026-32595
Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is DatasourceFieldType.PASSWORD. The Snowflake integration types its privateKey field as...
CVE-2026-46427 Budibase: Snowflake private key returned unmasked from datasource API to BASIC users
Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is DatasourceFieldType.PASSWORD. The Snowflake integration types its privateKey field as...
CVE-2026-46427
Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is DatasourceFieldType.PASSWORD. The Snowflake integration types its privateKey field as...