Back to search
CVE-2026-22805
Published: Jan 12, 2026
Modified: Jan 13, 2026
PUBLISHED
Description
Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and 57.1.
| Vendor | Product | Versions |
|---|---|---|
metabase | metabase | affected >= 0.57.0-beta, < 57.1affected >= 0.56.0-beta, < 56.3affected < 55.13 |
Weaknesses (CWE)
References
https://github.com/metabase/metabase/security/advisories/GHSA-2wgg-7r2p-cmqx
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now