PT-2026-53313 · Snowflake · Snowflake Cli
Published
2026-06-29
·
Updated
2026-06-29
·
CVE-2026-13750
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Snowflake CLI versions prior to 3.19
Description
Sensitive information is inserted into log files in plaintext. This occurs when credentials, such as passwords, tokens, or private key material, are written to persistent local debug logs. An attacker with read access to the affected user's local log files can expose these credentials if they are present in the connection context.
Recommendations
Upgrade to Snowflake CLI version 3.19.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Snowflake Cli