CVE-2026-13752

Received Received - Intake

Improper Parameter Neutralization in Snowflake CLI

Publication date: 2026-06-29

Last updated on: 2026-06-29

Assigner: 412d305a-227d-44f9-a262-a31ba44f2aea

Description

Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker could exploit this by supplying crafted values to vulnerable command paths, causing Snowflake CLI to execute unintended SQL in the context of the user’s Snowflake session. Successful exploitation required crafted values to reach vulnerable parameters, including through socially engineered input, malicious repository configuration, or compromised automation feeding external values into the CLI, and impact is limited by the privileges assigned to the active session. The fix is available in Snowflake CLI version 3.19, and users must manually upgrade.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-06-29

Last Modified

2026-06-29

Generated

2026-06-29

AI Q&A

2026-06-29

EPSS Evaluated

N/A

NVD

CVE-2026-13752

EUVD

EUVD-2026-40149

Affected Vendors & Products

Vendor	Product	Version / Range
snowflake	snowflake_cli	to 3.19 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-89	The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

CWE ID

Description

CWE-89

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Attack-Flow Graph

Compliance Impact

The vulnerability in Snowflake CLI allows unintended SQL execution within the context of the user's Snowflake session, which could lead to unauthorized access or manipulation of sensitive data depending on the privileges of the active session.

Such unauthorized data access or manipulation could potentially impact compliance with data protection regulations like GDPR or HIPAA, as these standards require strict controls over data access and integrity.

However, the impact is limited by the privileges assigned to the active session, and successful exploitation requires crafted input reaching vulnerable parameters, which may reduce the likelihood of a compliance breach.

Users are advised to upgrade to Snowflake CLI version 3.19 to mitigate this risk.

Executive Summary

This vulnerability involves improper neutralization of parameters in Snowflake CLI versions prior to 3.19, which allows unintended SQL execution. An attacker can exploit this by supplying specially crafted values to vulnerable command paths, causing the Snowflake CLI to execute SQL commands that were not intended by the user.

Exploitation requires that these crafted values reach vulnerable parameters, which can happen through socially engineered input, malicious repository configurations, or compromised automation that feeds external values into the CLI.

The impact of this vulnerability depends on the privileges assigned to the active Snowflake session. The issue is fixed in Snowflake CLI version 3.19, and users must manually upgrade to mitigate the risk.

Impact Analysis

This vulnerability can lead to the execution of unintended SQL commands within the context of the user's Snowflake session. Depending on the privileges of that session, an attacker could potentially access, modify, or manipulate sensitive data.

The impact is limited by the privileges assigned to the active session, so higher privilege sessions pose a greater risk if exploited.

Mitigation Strategies

To mitigate this vulnerability, you should manually upgrade the Snowflake CLI to version 3.19 or later, where the issue has been fixed.

Hi! I’m here to help you understand CVE-2026-13752. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

Improper Parameter Neutralization in Snowflake CLI

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart