Browse all 20 CVE security advisories affecting Metabase. AI-powered Chinese analysis, PoCs, and references for each vulnerability.
Metabase operates as an open-source business intelligence platform, enabling organizations to visualize data and generate reports through a user-friendly interface. Its architecture, primarily built on Java and Clojure, has historically exposed it to several critical vulnerability classes, including remote code execution, SQL injection, and cross-site scripting. Recent records indicate approximately twenty Common Vulnerabilities and Exposures (CVEs), reflecting ongoing challenges in securing its complex query engine and authentication mechanisms. Notable incidents have involved improper access controls allowing unauthorized users to execute arbitrary queries or escalate privileges, potentially compromising sensitive corporate data. The software’s reliance on third-party libraries has also introduced supply chain risks. While the development team actively patches identified flaws, the frequency of disclosed issues underscores the necessity for rigorous configuration management and regular updates to mitigate exposure to known exploit vectors within enterprise environments.
This page lists every published CVE security advisory associated with Metabase. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.