CVE-2026-6442
Command Injection in Snowflake Cortex CLI Allows Arbitrary Code Execution
Publication date: 2026-04-16
Last updated on: 2026-04-16
Assigner: 412d305a-227d-44f9-a262-a31ba44f2aea
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| snowflake | cortex_code_cli | to 1.0.25 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1286 | The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25. It allows commands to execute outside the intended sandbox environment. An attacker can exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, which causes the CLI agent to execute arbitrary code on the local device without the user's consent.
The exploitation is non-deterministic and depends on the model used. The issue is fixed automatically when the application is relaunched, requiring no user action.
How can this vulnerability impact me? :
This vulnerability can lead to arbitrary code execution on the local device without user consent. This means an attacker could potentially run malicious commands or software, leading to compromise of confidentiality, integrity, and availability of the affected system.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed automatically upon relaunch of the Snowflake Cortex Code CLI. No user action is required to apply the fix.