CVE-2026-6442HIGH 8.3EPSS p27.5%

CVE-2026-6442CVE-2026-6442

Description

Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository, causing the CLI agent to execute arbitrary code on the local device without user consent. Exploitation is non-deterministic and model-dependent. The fix is automatically applied upon relaunch with no user action required.

Scoring

CVSS 3.18.3 (HIGH)
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS0.36% probability of exploitation · percentile 27.5% · 2026-06-19T12:03:05Z
Published2026-04-16
Last modified2026-04-17

Underlying weaknesses· 1

CWE-1286

References

  1. https://community.snowflake.com/s/article/PromptArmor-Report---Snowflake-Response
  2. https://www.promptarmor.com/

1

TypeTargetConfidenceTier
WeaknessImproper Validation of Syntactic Correctness of Inputcwe-12860%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-34430
CVE
CVE-2025-43562
CVE
CVE-2025-13688
CVE
CVE-2025-64128
CVE
CVE-2025-46428
CVE
CVE-2025-13686
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.