Description
Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on Metabase Enterprise Edition can achieve Remote Code Execution (RCE) and Arbitrary File Read via the `POST /api/ee/serialization/import` endpoint. A crafted serialization archive injects an `INIT` property into the H2 JDBC spec, which can execute arbitrary SQL during a database sync. We confirmed this was possible on Metabase Cloud. This only affects Metabase Enterprise. Metabase OSS lacks the affected codepaths. All versions of Metabase Enterprise that have serialization, which dates back to at least version 1.47, are affected. Metabase Enterprise versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4 patch the issue. As a workaround, disable the serialization import endpoint in the Metabase instance to prevent access to the vulnerable codepaths.
Published: 2026-03-27
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

Metabase Enterprise versions before 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4 allow an authenticated administrator to inject an INIT property into an H2 JDBC connection string via a crafted serialization archive. The injected property causes the H2 driver to execute arbitrary SQL when the connection is opened during a sync, which can in turn lead to Remote Code Execution and arbitrary file reads. The weakness is classified as deserialization of untrusted data (CWE-502). The potential impact is that a privileged attacker can run arbitrary code on the host and read sensitive files, effectively compromising the entire host.
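The defensive counterpart of the weakness described above is to validate database connection specs before an import is applied. The following is an added example, not Metabase's own code: it parses the `;KEY=VALUE` driver properties of an H2 JDBC URL, normalises the keys (case and percent-encoding), and rejects any entry carrying the INIT property. The archive layout it scans (a list of entries with a `name` and a `details` mapping holding a `connection-uri`) and the sample entries are constructed for illustration and are not Metabase's serialization format.

```python
"""Defensive check for H2 JDBC connection strings in an imported archive.

Added example, not Metabase's own code. An H2 JDBC URL carries driver
properties after the database location as ;KEY=VALUE pairs, and an INIT
property makes the driver execute SQL when the connection is opened.
The archive layout below (entries with "name" and "details" holding a
"connection-uri") is constructed for illustration and is not Metabase's
serialization format.
"""
from __future__ import annotations

from urllib.parse import unquote

# Driver properties that must never arrive from an untrusted archive.
# INIT is the one named in the advisory; the set is deliberately open
# so an operator can extend it.
UNSAFE_H2_PROPERTIES: frozenset[str] = frozenset({"INIT"})


def is_h2_url(url: str) -> bool:
    """True for URLs handled by the H2 driver (prefix match is case-insensitive)."""
    return url.strip().lower().startswith("jdbc:h2:")


def h2_url_properties(url: str) -> dict[str, str]:
    """Return the ;KEY=VALUE driver properties of an H2 JDBC URL.

    Keys are percent-decoded and upper-cased before comparison so that
    "init", "Init" or "%49NIT" cannot slip past an exact-string check.
    """
    # Everything after the first ';' is the property list; the part
    # before it is the database location and is not inspected here.
    _, sep, tail = url.partition(";")
    props: dict[str, str] = {}
    if not sep:
        return props
    for pair in tail.split(";"):
        if not pair:
            continue
        key, _, value = pair.partition("=")
        props[unquote(key).strip().upper()] = unquote(value)
    return props


def unsafe_h2_properties(url: str) -> list[str]:
    """Names of unsafe driver properties present in the URL (empty if clean)."""
    if not is_h2_url(url):
        return []
    return sorted(k for k in h2_url_properties(url) if k in UNSAFE_H2_PROPERTIES)


def find_unsafe_database_specs(archive: list[dict]) -> list[tuple[str, list[str]]]:
    """Scan imported database entries and report those carrying unsafe H2 properties."""
    findings: list[tuple[str, list[str]]] = []
    for entry in archive:
        uri = entry.get("details", {}).get("connection-uri", "")
        bad = unsafe_h2_properties(uri)
        if bad:
            findings.append((entry.get("name", "<unnamed>"), bad))
    return findings


# Constructed sample archive: one clean H2 spec, one carrying a lower-case
# INIT property, and a non-H2 spec the check ignores even though it uses
# the same keyword in its query string.
SAMPLE_ARCHIVE = [
    {"name": "sample-db", "details": {"connection-uri": "jdbc:h2:file:/tmp/sample;IFEXISTS=TRUE"}},
    {"name": "tampered-db", "details": {"connection-uri": "jdbc:h2:mem:x;init=CREATE TABLE t(x INT)"}},
    {"name": "pg-db", "details": {"connection-uri": "jdbc:postgresql://db.example/app?INIT=1"}},
]

if __name__ == "__main__":
    for name, props in find_unsafe_database_specs(SAMPLE_ARCHIVE):
        print(f"reject import: database {name!r} sets H2 property {props}")
```

A deny-list of one property is the minimum that matches the advisory; a stricter import filter would allow only a fixed set of H2 properties and reject everything else, so that other driver options with side effects are caught without being enumerated.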

Affected Systems

The vulnerability affects Metabase Enterprise Edition only. All Enterprise releases with serialization support from version 1.47 onward are vulnerable, including Metabase Cloud instances. Metabase OSS does not contain the affected code paths. Patched versions start with 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4.

Risk and Exploitability

The CVSS score is 7.2, indicating high severity. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires authenticated administrator access to the /api/ee/serialization/import endpoint and the ability to upload a malicious archive. An attacker with these privileges can trigger the injection and execute arbitrary code, presenting a significant risk to the confidentiality, integrity, and availability of the host system.

Generated by OpenCVE AI on March 27, 2026 at 06:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Metabase Enterprise to the latest patched versions (1.54.22 or later, 1.55.22 or later, 1.56.22 or later, 1.57.16 or later, 1.58.10 or later, 1.59.4 or later).
  • If an upgrade is not possible, disable the serialization import endpoint to block access to the vulnerable code path.



Advisories

No advisories yet.

History

Fri, 27 Mar 2026 08:45:00 +0000

Type: First Time appeared
  Values Removed: (none)
  Values Added: Metabase; Metabase metabase
Type: Vendors & Products
  Values Removed: (none)
  Values Added: Metabase; Metabase metabase

Fri, 27 Mar 2026 04:00:00 +0000

Type: Description
  Values Removed: (none)
  Values Added: Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on Metabase Enterprise Edition can achieve Remote Code Execution (RCE) and Arbitrary File Read via the `POST /api/ee/serialization/import` endpoint. A crafted serialization archive injects an `INIT` property into the H2 JDBC spec, which can execute arbitrary SQL during a database sync. We confirmed this was possible on Metabase Cloud. This only affects Metabase Enterprise. Metabase OSS lacks the affected codepaths. All versions of Metabase Enterprise that have serialization, which dates back to at least version 1.47, are affected. Metabase Enterprise versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4 patch the issue. As a workaround, disable the serialization import endpoint in their Metabase instance to prevent access to the vulnerable codepaths.
Type: Title
  Values Removed: (none)
  Values Added: Metabase vulnerable to RCE and Arbitrary File Read via H2 JDBC INIT Injection in EE Serialization Import
Type: Weaknesses
  Values Removed: (none)
  Values Added: CWE-502
Type: References
  Values Removed: (none)
  Values Added: (none listed)
Type: Metrics
  Values Removed: (none)
  Values Added: cvssV3_1 {'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-27T00:19:39.397Z

Reserved: 2026-03-23T17:34:57.559Z

Link: CVE-2026-33725

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-03-27T01:16:19.837

Modified: 2026-03-27T01:16:19.837

Link: CVE-2026-33725

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T09:22:35Z

Weaknesses