Information disclosure in Metabase

CVE-2025-32382

Metabase is an open source Business Intelligence and Embedded Analytics tool. When admins change Snowflake connection details in Metabase (either updating a password or changing password to private key or vice versa), Metabase would not al…

EPSS: 0.003 (22.4th percentile) — read the EPSS interpretation.

Affected products

  • Metabase — versions >= 0.52.12, < 0.52.17.1, >= 1.52.12, < 1.52.17.1, >= 0.53.2.3, < 0.53.9.5

Weakness classification (CWE)

References