CVE-2026-6442
Received Received - Intake
Command Injection in Snowflake Cortex CLI Allows Arbitrary Code Execution

Publication date: 2026-04-16

Last updated on: 2026-04-16

Assigner: 412d305a-227d-44f9-a262-a31ba44f2aea

Description
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent to execute arbitrary code on the local device without user consent. Exploitation is non-deterministic and model-dependent. The fix is automatically applied upon relaunch with no user action required.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-16
Last Modified
2026-04-16
Generated
2026-06-16
AI Q&A
2026-04-16
EPSS Evaluated
2026-06-15
NVD
CVE-2026-6442
EUVD
EUVD-2026-23292
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
snowflake cortex_code_cli to 1.0.25 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1286 The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25. It allows commands to execute outside the intended sandbox environment. An attacker can exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, which causes the CLI agent to execute arbitrary code on the local device without the user's consent.

The exploitation is non-deterministic and depends on the model used. The issue is fixed automatically when the application is relaunched, requiring no user action.

Impact Analysis

This vulnerability can lead to arbitrary code execution on the local device without user consent. This means an attacker could potentially run malicious commands or software, leading to compromise of confidentiality, integrity, and availability of the affected system.

Mitigation Strategies

The vulnerability is fixed automatically upon relaunch of the Snowflake Cortex Code CLI. No user action is required to apply the fix.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-6442. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart