SQL Injection in Snowflake Spark Connector
CVE-2026-15183
Multiple input validation vulnerabilities in the Snowflake Spark Connector (spark-snowflake) versions prior to 3.2.1 can allow attackers to exfiltrate OAuth client credentials, execute arbitrary SQL with the connector's Snowflake role, or…
Vulnerability class: SQL Injection
Affected products
- Snowflake Spark Connector — versions 0.1.0