Remote Code Execution Vulnerability in Metabase by Flawed Snowflake JDBC Driver
CVE-2026-50148
10CRITICAL
What is CVE-2026-50148?
An identified vulnerability within Metabase allows users with the ability to add or edit database connections to potentially execute arbitrary code on the Metabase server. This occurs specifically when a connection to an attacker-controlled Snowflake server is configured, exploiting a flaw in the Snowflake JDBC driver. This flaw enables the unauthorized writing of files across the Metabase host, including critical Metabase database driver files, which can subsequently be executed within the Metabase process. Remediation has been applied in the latest versions of Metabase.
Affected Version(s)
metabase >= 1.54.0, < 1.54.24 < 1.54.0, 1.54.24
metabase >= 1.55.0, < 1.55.24 < 1.55.0, 1.55.24
metabase >= 1.56.0, < 1.56.25 < 1.56.0, 1.56.25
