CVE-2026-33725

Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on Metabase Enterprise Edition can achieve Remote Code Execution (RCE) and Arbitrary File Read via the `POST /api/ee/serialization/import` endpoint. A crafted serialization archive injects an `INIT` property into the H2 JDBC spec, which can execute arbitrary SQL during a database sync. We confirmed this was possible on Metabase Cloud. This only affects Metabase Enterprise. Metabase OSS lacks the affected codepaths. All versions of Metabase Enterprise that have serialization, which dates back to at least version 1.47, are affected. Metabase Enterprise versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4 patch the issue. As a workaround, disable the serialization import endpoint in their Metabase instance to prevent access to the vulnerable codepaths.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/metabase/metabase/security/advisories/GHSA-fppj-vcm3-w229

Configurations

No configuration.

History

No history.

Information

Published : 2026-03-27 01:16

Updated : 2026-03-30 13:26

NVD link : CVE-2026-33725

Mitre link : CVE-2026-33725

CVE.ORG link : CVE-2026-33725

JSON object : View

Products Affected

No product.

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2026-33725", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2026-03-27T01:16:19.837", "references": [{"url": "https://github.com/metabase/metabase/security/advisories/GHSA-fppj-vcm3-w229", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on Metabase Enterprise Edition can achieve Remote Code Execution (RCE) and Arbitrary File Read via the `POST /api/ee/serialization/import` endpoint. A crafted serialization archive injects an `INIT` property into the H2 JDBC spec, which can execute arbitrary SQL during a database sync. We confirmed this was possible on Metabase Cloud. This only affects Metabase Enterprise. Metabase OSS lacks the affected codepaths. All versions of Metabase Enterprise that have serialization, which dates back to at least version 1.47, are affected. Metabase Enterprise versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4 patch the issue. As a workaround, disable the serialization import endpoint in their Metabase instance to prevent access to the vulnerable codepaths."}, {"lang": "es", "value": "Metabase es una herramienta de inteligencia de negocios de c\u00f3digo abierto y an\u00e1lisis embebido. En Metabase Enterprise anterior a las versiones 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10 y 1.59.4, los administradores autenticados en Metabase Enterprise Edition pueden lograr Ejecuci\u00f3n Remota de C\u00f3digo (RCE) y Lectura Arbitraria de Archivos a trav\u00e9s del endpoint 'POST /API/ee/serialization/import'. Un archivo de serializaci\u00f3n manipulado inyecta una propiedad 'INIT' en la especificaci\u00f3n H2 JDBC, que puede ejecutar SQL arbitrario durante una sincronizaci\u00f3n de base de datos. Confirmamos que esto era posible en Metabase Cloud. Esto solo afecta a Metabase Enterprise. Metabase OSS carece de las rutas de c\u00f3digo afectadas. Todas las versiones de Metabase Enterprise que tienen serializaci\u00f3n, lo que se remonta al menos a la versi\u00f3n 1.47, est\u00e1n afectadas. Las versiones de Metabase Enterprise 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10 y 1.59.4 parchean el problema. Como soluci\u00f3n alternativa, deshabilite el endpoint de importaci\u00f3n de serializaci\u00f3n en su instancia de Metabase para evitar el acceso a las rutas de c\u00f3digo vulnerables."}], "lastModified": "2026-03-30T13:26:29.793", "sourceIdentifier": "security-advisories@github.com"}