Snowflake Snowflake Cli
7 CVEs affecting Snowflake Snowflake Cli. Latest disclosed: 2026-06-29. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-13749 | High | 8.8 | 2026-06-29 | Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execution during… |
CVE-2026-13744 | High | 8.3 | 2026-06-29 | Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repositor… |
CVE-2026-13748 | Medium | 6.3 | 2026-06-29 | Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitted to Snowfla… |
CVE-2026-13752 | Medium | 6.0 | 2026-06-29 | Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker could exploit this by supplying cra… |
CVE-2026-13750 | Medium | 5.5 | 2026-06-29 | Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be written to persistent local debug… |
CVE-2026-13751 | Medium | 4.1 | 2026-06-29 | Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL statement reader's !sourc… |
CVE-2026-13746 | Low | 3.6 | 2026-06-29 | Improper neutralization of local CLI parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. A user could trigger this issue by su… |