Description
Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitted to Snowflake services. An attacker could exploit this by supplying crafted repository or project content that referenced files outside the intended project boundary, causing Snowflake CLI to read local files and upload or embed their contents during deployment or SQL template processing. Successful exploitation required the victim to process attacker-controlled project content, and retrieval of exfiltrated data depended on access to the victim's Snowflake account artifacts such as query history or uploaded stage content. The fix is available in Snowflake CLI version 3.19, and users must manually upgrade.
Published: 2026-06-29
Score: 6.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability in Snowflake CLI allows an attacker to supply crafted repository or project content that references files outside the intended project directory, whether by path traversal or by symlinks inside the project tree that point elsewhere. Because the CLI does not restrict where those references resolve, it reads any local file the invoking user can read and transmits the contents to Snowflake services during deployment or SQL template processing. The result is an arbitrary local file read that turns into data exfiltration into the victim's own Snowflake account, compromising the confidentiality of files on the victim's system.

Affected Systems

Snowflake CLI versions prior to 3.19 are affected. The vulnerability applies to the Snowflake CLI tool used for deploying projects, uploading files to stages, and processing SQL templates. Any installation of Snowflake CLI that has not been upgraded to 3.19 or later is vulnerable.

Risk and Exploitability

The CVSS v3.1 base score of 6.3 (AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N) classifies the flaw as medium severity: local attack vector, no privileges required, user interaction required, changed scope, high confidentiality impact and no integrity or availability impact. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires the victim to run the CLI against attacker-controlled project content, so the attacker must first get that content onto the victim's machine, for example through a shared repository or social engineering. Once the CLI processes the content, it reads the referenced files and uploads or embeds their contents in the victim's Snowflake account; the attacker then needs access to account artifacts such as query history or stage contents to retrieve the data, so detection relies on monitoring those artifacts. The underlying weaknesses are path traversal (CWE-22), symlink following (CWE-61) and external control of a file path (CWE-73), so any user who deploys or templates untrusted project data is at risk.

Generated by OpenCVE AI on June 29, 2026 at 17:22 UTC.

Remediation

The vendor states that the fix is available in Snowflake CLI version 3.19 and must be applied by manually upgrading; no workaround for earlier versions is documented.

OpenCVE Recommended Actions

  • Upgrade Snowflake CLI to version 3.19 or later.
  • Verify that project files do not reference paths outside the project directory before deployment, and check that symlinks inside the project tree do not resolve outside it.
  • Monitor Snowflake account artifacts such as query history and stage uploads for unexpected data or file contents that may indicate exfiltration.
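The containment check the second action calls for, shown as an added example that is not Snowflake CLI's own code: a naive check that only normalises `..` segments is placed beside a hardened check that resolves symlinks before testing whether the referenced file lies under the project root. The project layout, file names (`setup.sql`, `link.sql`, `secret.txt`) and the function names are constructed for this illustration and are not taken from the advisory or the tool.

```python
import os
import tempfile
from pathlib import Path


def naive_is_within(root: str, candidate: str) -> bool:
    """Insufficient check (illustrative, not Snowflake CLI code).

    It normalises '..' segments, so '../secret.txt' is rejected, but it never
    follows symlinks: a link inside the project that points at a file outside
    it is accepted (CWE-61).
    """
    root_n = os.path.normpath(os.path.abspath(root))
    cand_n = os.path.normpath(os.path.join(root_n, candidate))
    return cand_n == root_n or cand_n.startswith(root_n + os.sep)


def is_within_project(root: str, candidate: str) -> bool:
    """Hardened check: fully resolve both the root and the candidate (symlinks,
    '..' and relative segments) and require the resolved candidate to sit under
    the resolved root. The root must exist; a candidate may not (strict=False)
    so that not-yet-written outputs can still be validated.
    """
    root_r = Path(root).resolve(strict=True)
    cand_r = (root_r / candidate).resolve(strict=False)
    try:
        cand_r.relative_to(root_r)
    except ValueError:
        return False
    return True


def read_project_file(root: str, candidate: str) -> bytes:
    """Read a project-relative file only if it resolves inside the project."""
    if not is_within_project(root, candidate):
        raise PermissionError(f"{candidate!r} resolves outside project root {root!r}")
    return (Path(root).resolve() / candidate).resolve().read_bytes()


def demo() -> dict:
    """Constructed scenario: a project directory holding one genuine SQL file,
    a reference that traverses out with '..', and a symlink that escapes the
    project. Returns {reference: (naive_verdict, hardened_verdict)}.
    """
    with tempfile.TemporaryDirectory() as tmp:
        outside = Path(tmp) / "secret.txt"          # stands in for a sensitive local file
        outside.write_text("not for upload")
        project = Path(tmp) / "project"
        project.mkdir()
        (project / "setup.sql").write_text("SELECT 1;")
        (project / "link.sql").symlink_to(outside)  # attacker-supplied symlink in the repo
        refs = ["setup.sql", "../secret.txt", "link.sql"]
        return {
            r: (naive_is_within(str(project), r), is_within_project(str(project), r))
            for r in refs
        }


if __name__ == "__main__":
    for ref, (naive, hardened) in demo().items():
        print(f"{ref:15} naive={naive!s:5} hardened={hardened}")
```

Both checks reject the `../secret.txt` reference, but only the resolving check rejects `link.sql`, which is exactly the symlink case CWE-61 describes. Resolving and then opening in two steps still leaves a window in which the link target can be swapped, so a CLI that processes untrusted content should additionally open with `O_NOFOLLOW` or verify the opened file descriptor rather than the path.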

Generated by OpenCVE AI on June 29, 2026 at 17:22 UTC.

Advisories

No advisories yet.

History

Mon, 29 Jun 2026 17:30:00 +0000

Type     Values Removed   Values Added
Metrics  (none)           ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 29 Jun 2026 16:15:00 +0000

Type         Values Removed   Values Added
Description  (none)           Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitted to Snowflake services. An attacker could exploit this by supplying crafted repository or project content that referenced files outside the intended project boundary, causing Snowflake CLI to read local files and upload or embed their contents during deployment or SQL template processing. Successful exploitation required the victim to process attacker-controlled project content, and retrieval of exfiltrated data depended on access to the victim's Snowflake account artifacts such as query history or uploaded stage content. The fix is available in Snowflake CLI version 3.19, and users must manually upgrade.
Title        (none)           Snowflake CLI Arbitrary Local File Read and Exfiltration Through Improper File Path Restriction
Weaknesses   (none)           CWE-22, CWE-61, CWE-73
References   (none)           (none)
Metrics      (none)           cvssV3_1 {'score': 6.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: SNOWFLAKE

Published:

Updated: 2026-06-29T16:20:54.942Z

Reserved: 2026-06-29T15:52:52.370Z

Link: CVE-2026-13748

Vulnrichment

Updated: 2026-06-29T16:20:52.201Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-29T17:30:06Z

Weaknesses
  • CWE-22

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

  • CWE-61

    UNIX Symbolic Link (Symlink) Following

  • CWE-73

    External Control of File Name or Path