What is CVE-2026-13744?

CVE-2026-13744 is a high-severity vulnerability in Snowflake Cli, classified under SQL Injection. CVSS score: 8.3/10. Published 2026-06-29.

How severe is CVE-2026-13744?

High severity. CVSS v3 base score is 8.3 out of 10.

SQL Injection in Snowflake Cli

CVE-2026-13744

Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repository content, project configuration, manifest data, or specification input, an atta…

Vulnerability class: SQL Injection

CVSS v3 metric

CVSS v3 base score 8.3 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H.

Affected products

Snowflake Cli — versions 1.2.2

Weakness classification (CWE)

CWE-89 — SQL Injection

References

412d305a-227d-44f9-a262-a31ba44f2aea

Frequently asked questions

What is CVE-2026-13744?: CVE-2026-13744 is a high-severity vulnerability in Snowflake Cli, classified under SQL Injection. CVSS score: 8.3/10. Published 2026-06-29.
How severe is CVE-2026-13744?: High severity. CVSS v3 base score is 8.3 out of 10.