Snowflake Snowflake Cli — known CVE vulnerabilities
Every CVE whose affected-product data names Snowflake Snowflake Cli, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-13749 — CVSS 8.8 (high): Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary…
CVE-2026-13744 — CVSS 8.3 (high): Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By…
CVE-2026-13748 — CVSS 6.3 (medium): Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and…
CVE-2026-13752 — CVSS 6.0 (medium): Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker could exploit…
CVE-2026-13750 — CVSS 5.5 (medium): Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be written to…
CVE-2026-13751 — CVSS 4.1 (medium): Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL…
CVE-2026-13746 — CVSS 3.6 (low): Improper neutralization of local CLI parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. A user could…