[CYBERDIGEST]
⊞ Dashboard ⚡ Intelligence 📝 Reports 📚 Global Threats 💻 Hack Lab 🗄️ Resources ⌬ 0xJerry's Lab
📡 RSS Feed
System Online

Tag

#Snowpark Python SDK

newsCRITICAL 9.6

Critical SQL Injection Vulnerability in Snowflake Snowpark Python SDK (CVE-2026-15062)

A critical SQL injection vulnerability (CVE-2026-15062) with a CVSS score of 9.6 affects Snowflake Snowpark Python SDK versions prior to 1.53.0. Authenticated low-privilege users could exploit this vulnerability to execute SQL beyond their authorization scope, potentially leading to source database compromise, unauthorized cross-tenant data exfiltration, or unauthorized read of Snowflake account data. Immediate action is required to update to version 1.53.0 or later.

Jul 9, 20261 source