Metabase channel test endpoint can reach internal local addresses

2.1 / 10

LOW

CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

Description

Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and 57.1.

Basic Information

ID CVE-2026-22805

Source GitHub_M

Published Jan 12, 2026 at 22:36

Affected Product

Vendor metabase

Product metabase

Version >= 0.57.0-beta, < 57.1

Affected Versions metabase metabase >= 0.57.0-beta, < 57.1
metabase metabase >= 0.56.0-beta, < 56.3
metabase metabase < 55.13

CWE Classification

CWE-918

References

github.com /metabase/metabase/security/advisories/GHSA-2wgg-7r2p-cmqx

{
    "lastseen": "",
    "description": "Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions could be potentially impacted if their Metabase is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and 57.1.",
    "published": "2026-01-12T22:36:35.272Z",
    "modified": "2026-01-12T22:36:35.272Z",
    "type": "cve",
    "title": "Metabase channel test endpoint can reach internal local addresses",
    "source": "GitHub_M",
    "references": "https://github.com/metabase/metabase/security/advisories/GHSA-2wgg-7r2p-cmqx",
    "id": "CVE-2026-22805",
    "bulletinFamily": "",
    "cwe": [
        "CWE-918"
    ],
    "cvelist": null,
    "sourceData": "metabase metabase >= 0.57.0-beta, < 57.1\nmetabase metabase >= 0.56.0-beta, < 56.3\nmetabase metabase < 55.13",
    "sourceHref": "",
    "cvss": {
        "score": 2.1,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "metabase",
    "version": ">= 0.57.0-beta, < 57.1",
    "vendor": "metabase",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Metabase channel test endpoint can reach internal local addresses_CVE-2026-22805