216.73.217.86

CVE-2026-22805

· Published 12/01/2026 23:15 · Modified 13/01/2026 14:03

Labels: CVE-2026-22805 2026-01-12CVE-2026-22805CWE-918[email protected]

Essential information

Published
12/01/2026 23:15
Modified
13/01/2026 14:03
Author
Creator
CVSS
2.1 LOW (v3) 2.1 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and 57.1.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
metabase / metabase cpe:2.3:a:metabase:metabase:55.13:*:*:*:*:*:*:*
metabase / metabase cpe:2.3:a:metabase:metabase:56.3:*:*:*:*:*:*:*
metabase / metabase cpe:2.3:a:metabase:metabase:57.1:*:*:*:*:*:*:*

References