Known Vulnerabilities for Snowflake by Grafana
Listed below are 1 of the newest known vulnerabilities associated with "Snowflake" by "Grafana".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-58375 json | JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication: the handler is annotated @Ji... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-46427 json | Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources... | Not Provided | 2026-05-27 | 2026-05-28 |
| CVE-2026-42237 json | n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the fix for GHSA-f3f2-mcx... | Not Provided | 2026-05-04 | 2026-05-04 |
| CVE-2026-41490 json | Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core v... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-28381 json | The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries against the data so... | Not Provided | 2026-06-22 | 2026-06-24 |
| CVE-2026-15067 json | Snowflake Terraform Provider versions prior to 2.18.0 contain several security vulnerabilities, including SQL injection via a... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-15062 json | SQL injection vulnerabilities in the Snowflake Snowpark Python SDK (snowpark-python) versions prior to 1.53.0 could allow aut... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-13752 json | Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker c... | Not Provided | 2026-06-29 | 2026-06-29 |
| CVE-2026-13751 json | Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery.... | Not Provided | 2026-06-29 | 2026-06-29 |
| CVE-2026-13750 json | Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be... | Not Provided | 2026-06-29 | 2026-06-29 |