Snowflake Cli - 7 CVEs for this product

CVE-2026-13752 - Severity HIGH - Patch this week

SQL injection in Snowflake CLI versions 1.1.0 through 3.18.x (fixed in 3.19) lets crafted parameter values reach vulnerable command paths and execute unintended SQL within the user's active Snowflake session. An authenticated CLI user who is fed malicious input - via social engineering, a poisoned repository configuration, or compromised automation - can have arbitrary statements run against their session, with impact bounded by that session's privileges. No public exploit was identified at the time of analysis; EPSS is very low (0.11%, 1st percentile) and the SSVC exploitation status is 'none', so this is a not-yet-exploited but high-technical-impact issue.

Tags: SQLi, Snowflake Cli | Sources: NVD, VulDB | CVSS 3.1: 8.0 | EPSS: 0.1%
CVE-2026-13751 - Severity CRITICAL - Act now

Server-side request forgery in Snowflake CLI versions 3.6.0 through 3.18.x lets an attacker coerce a victim's CLI session into fetching attacker-chosen remote URLs and then retrieving and executing remote SQL in that session's context. The flaw lives in the SQL statement reader's !source/!load directives, which resolve remote references at runtime without restricting the request destination, so a victim who processes attacker-supplied SQL can be made to reach internal/non-public network locations. Despite a 9.6 CVSS, real-world urgency is tempered by the required user interaction and a low EPSS (0.09%); no public exploit was identified at the time of analysis and it is not in CISA KEV.

Tags: SSRF, Snowflake Cli | Sources: NVD, VulDB | CVSS 3.1: 9.6 | EPSS: 0.1%
CVE-2026-13750 - Severity MEDIUM - Patch this month

Snowflake CLI versions prior to 3.19 write plaintext credentials - including passwords, authentication tokens, and private key material - to persistent local debug log files due to CWE-532 (Insertion of Sensitive Information into Log File). Any local user account with read access to the affected user's log directory can harvest these credentials without needing application-level privileges. No active exploitation is confirmed (not in CISA KEV) and no public exploit code had been identified at the time of analysis, but the confidentiality impact is rated high given that full credential material may be exposed.

Tags: Information Disclosure, Snowflake Cli | Source: NVD | CVSS 3.1: 5.5 | EPSS: 0.1%
CVE-2026-13749 - Severity HIGH - Patch this week

Arbitrary code execution in Snowflake CLI versions prior to 3.19 lets an attacker run code in the context of any developer who bundles or deploys an attacker-supplied Snowpark project. The flaw lives in the Snowpark annotation processor callback template, where untrusted project content is interpolated directly into generated Python code (CWE-94). No public exploit had been identified at the time of analysis, but the attack is straightforward and high-impact (CVSS 8.8) given that it executes with the victim's local privileges; exploitation hinges on the victim running the bundling/deployment workflow against malicious content.

Tags: RCE, Python Code Injection, Snowflake Cli | Source: NVD | CVSS 3.1: 8.8 | EPSS: 0.4%
CVE-2026-13748 - Severity MEDIUM - Patch this month

Path traversal in Snowflake CLI versions prior to 3.19 enables arbitrary local file exfiltration to Snowflake cloud services when a victim processes attacker-controlled project or repository content. The CLI fails to restrict file path resolution during deployment or SQL template processing, allowing crafted project files to reference and transmit content from outside the intended project directory boundary to Snowflake-hosted artifacts. No public exploit has been identified and this CVE is not listed in the CISA KEV catalog; upgrade to version 3.19 is required as the vendor documents no supported workarounds.

Tags: Path Traversal, Snowflake Cli | Source: NVD | CVSS 3.1: 6.3 | EPSS: 0.1%
CVE-2026-13746 - Severity MEDIUM - Patch this month

Snowflake CLI versions prior to 3.19 permit self-injection SQL execution through improper neutralization of local CLI parameters in Cortex SQL and object listing command paths, where crafted argument values cause the tool to construct and execute unintended SQL within the authenticated user's existing Snowflake session. Exploitation is structurally constrained to self-injection - the attacker must themselves supply the malicious values via local CLI arguments, and impact cannot exceed the privileges already held by the current session context. No public exploit code has been identified and no active exploitation is confirmed; the vendor-assigned CVSS score of 3.6 (Low) accurately reflects the narrow attack surface and bounded impact.

Tags: SQLi, Snowflake Cli | Sources: NVD, VulDB | CVSS 3.1: 5.4 | EPSS: 0.1%
CVE-2026-13744 - Severity HIGH - Patch this week

SQL injection in Snowflake CLI versions 1.2.2 through 3.18.x allows an attacker to execute unintended SQL statements within a victim's authenticated Snowflake session by planting crafted repository content, project configuration, manifest, or specification input. When a developer processes that attacker-controlled content through a vulnerable command path, the injected SQL runs with the victim's session privileges, enabling data theft, modification, or destruction up to that user's authorization level. No public exploit was identified at the time of analysis, exploitation is not confirmed in CISA KEV, and EPSS is low at 0.31% (23rd percentile), reflecting the user-interaction requirement.

Tags: SQLi, Snowflake Cli | Sources: NVD, VulDB | CVSS 3.1: 8.8 | EPSS: 0.3%