Login Sign Up

Metabase Security Vulnerabilities (CVEs)

Track 6 security vulnerabilities affecting Metabase products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

3 Critical
2 High
1 Medium
🔔 Get Alerts for Metabase
CVE-2026-27464 7.7

This vulnerability allows authenticated users in Metabase to extract sensitive information including database credentials via template evaluation in e...

Feb 21, 2026
CVE-2025-27141 6.5

In Metabase Enterprise Edition, users with impersonation permissions can access cached query results from other users, potentially viewing data they s...

Feb 24, 2025
CVE-2023-37470 10.0

CVE-2023-37470 is a critical remote code execution vulnerability in Metabase that allows attackers to execute arbitrary code on the server by injectin...

Aug 4, 2023
CVE-2023-38646 9.8

CVE-2023-38646 is a critical remote code execution vulnerability in Metabase that allows unauthenticated attackers to execute arbitrary commands on th...

Jul 21, 2023
CVE-2022-24854 8.0

This vulnerability in Metabase allows attackers with SQL permissions on one SQLite database to attach and query across multiple SQLite databases if th...

Apr 14, 2022
CVE-2021-41277 10.0

This vulnerability in Metabase allows attackers to exploit the custom GeoJSON map feature to perform local file inclusion attacks. By submitting malic...

Nov 17, 2021

Why Monitor Metabase Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 6+ known vulnerabilities affecting Metabase products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Metabase packages in under 60 seconds. No agents required - completely agentless scanning that works across Metabase deployments.

Free vulnerability database: Access detailed information about every Metabase CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Metabase CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions
Start Monitoring Metabase CVEs Free