CVE-2026-27464

MEDIUM EPSS 17.0%
Published Feb 21, 20264mo ago · Modified Jun 17, 20261w ago
6.5 CVSS 3.1
Medium
Find Similar
Published Feb 21, 2026 4mo ago
Last Modified Jun 17, 2026 1w ago

Description

Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x through 0.58.6, authenticated users are able to retrieve sensitive information from a Metabase instance, including database access credentials. During testing, it was confirmed that a low-privileged user can extract sensitive information including database credentials, into the email body via template evaluation. This issue has been fixed in versions 0.57.13 and 0.58.7. To workaround this issue, users can disable notifications in their Metabase instance to disallow access to the vulnerable endpoints.

CVSS Details

Base Score
6.5
Exploitability
2.8
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
17.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 2

CWE-1336
CWE-94 Improper Control of Generation of Code (Code Injection) Injection

Affected Products 4

VendorProductVersionRange
metabasemetabase* <0.57.13
metabasemetabase* <1.57.13
metabasemetabase*≥0.58.0  –  <0.58.7
metabasemetabase*≥1.58.0  –  <1.58.7

References 3

  • github.com https://github.com/metabase/metabase/releases/tag/v0.57.13
    ProductRelease Notes
  • github.com https://github.com/metabase/metabase/releases/tag/v0.58.7
    ProductRelease Notes
  • github.com https://github.com/metabase/metabase/security/advisories/GHSA-vcj8-rcm8-gfj9
    PatchVendor Advisory

Remediation

  • github.com https://github.com/metabase/metabase/security/advisories/GHSA-vcj8-rcm8-gfj9
    PatchVendor Advisory