Skip to main content

Snowflake Python Connector CVE-2026-15925

| EUVDEUVD-2026-44869 CRITICAL
Improper Validation of Certificate with Host Mismatch (CWE-297)
2026-07-16 SNOWFLAKE GHSA-5cc2-282f-jjq2
9.2
CVSS 4.0 · Vendor: SNOWFLAKE
Share

Severity by source

Vendor (SNOWFLAKE) PRIMARY
9.2 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.7 HIGH

AC:H because exploitation requires an established on-path MITM position; PR:N/UI:N as no auth or victim action is needed once intercepted; C:H/I:H for credential/data theft and SQL injection, A:L for limited availability impact.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (SNOWFLAKE).

CVSS VectorVendor: SNOWFLAKE

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch available
Jul 16, 2026 - 10:18 EUVD
Source Code Evidence Fetched
Jul 16, 2026 - 06:46 vuln.today
Analysis Generated
Jul 16, 2026 - 06:46 vuln.today
CVE Published
Jul 16, 2026 - 05:31 cve.org
CRITICAL 9.2

DescriptionCVE.org

Improper TLS hostname verification in Snowflake Connector for Python versions prior to 4.7.1 may have allowed a network-positioned attacker to bypass certificate hostname validation on HTTPS connections made by the connector. An attacker with on-path network access could exploit this by intercepting or redirecting network traffic and presenting a certificate signed by any trusted CA for any domain, causing the connector to accept connections without validating that the certificate matched the requested hostname. Successful exploitation requires an on-path traffic interception capability (e.g. ARP/DNS poisoning, rogue access point, BGP hijacking, or malicious proxy/exit node). This vulnerability may have exposed credentials, query data, and staged file contents to interception and tampering, and may have enabled the attacker to issue arbitrary SQL within the context of the victim's connector session. Impact is limited by the privileges of the affected Snowflake role. The fix is available in Snowflake Connector for Python version 4.7.1. Users must manually upgrade.

AnalysisAI

Improper TLS hostname verification in the Snowflake Connector for Python (versions before 4.7.1) lets an on-path attacker defeat HTTPS certificate validation, accepting any certificate signed by any trusted CA regardless of the requested hostname. An adversary who can intercept traffic can decrypt and tamper with connector sessions, exposing Snowflake credentials, query results, and staged file data, and can inject arbitrary SQL bounded by the victim role's privileges. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain on-path position (rogue AP/ARP/DNS/BGP)
Delivery
Intercept connector HTTPS session
Exploit
Present any CA-signed cert for any host
Execution
Connector skips hostname check, accepts TLS
Persist
Decrypt credentials and query/staged data
Impact
Inject arbitrary SQL as victim role

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to already hold an active on-path traffic-interception position between the victim connector and Snowflake - concretely ARP or DNS poisoning on the local segment, a rogue/evil-twin access point, BGP hijacking of the route, or operation of a malicious proxy or Tor-style exit node the victim's traffic traverses. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor CVSS 4.0 vector (AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L) scores 9.2, but the decisive metric is AT:P - a specific Attack Requirement is present, namely a privileged on-path network position. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A data engineer runs a Python job using a vulnerable connector while connected through a rogue Wi-Fi access point or a compromised proxy. The attacker redirects the TLS session to their own endpoint, presents a legitimately CA-signed certificate for an unrelated domain, and because hostname matching is skipped the connector completes the handshake - letting the attacker capture the Snowflake credentials and query data and inject arbitrary SQL within the victim's role. …
Remediation Vendor-released patch: version 4.7.1. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: inventory all systems running Snowflake Connector for Python to identify affected versions and map network paths. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More in Python

View all
CVE-2025-24016 CRITICAL POC
9.9 Feb 10

Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t

CVE-2025-27520 CRITICAL POC
9.8 Apr 04

BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser

CVE-2025-2945 CRITICAL POC
9.9 Apr 03

pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi

CVE-2013-5093 MEDIUM POC
6.8 Sep 27

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python

CVE-2025-32375 CRITICAL POC
9.8 Apr 09

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica

CVE-2014-0224 HIGH POC
7.4 Jun 05

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph

CVE-2024-21644 HIGH POC
7.5 Jan 08

pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.

CVE-2017-9462 HIGH POC
8.8 Jun 06

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2024-21645 MEDIUM POC
5.3 Jan 08

pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne

CVE-2026-33017 CRITICAL POC
9.3 Mar 17

Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301

CVE-2026-55255 HIGH POC
8.4 Jun 19

Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing

Share

CVE-2026-15925 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy