Metabase Enterprise: Authenticated Admins Can Execute Malicious Code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.2

Metabase Enterprise: Authenticated Admins Can Execute Malicious Code

CVE-2026-33725

Summary

Authenticated admins on Metabase Enterprise can execute malicious code and read sensitive files if they have access to the import feature. This affects all Enterprise versions with serialization enabled, including recent ones. To protect your instance, disable the import feature or upgrade to a patched version.

Original title

Original description

Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on Metabase Enterprise Edition can achieve Remote Code Execution (RCE) and Arbitrary File Read via the `POST /api/ee/serialization/import` endpoint. A crafted serialization archive injects an `INIT` property into the H2 JDBC spec, which can execute arbitrary SQL during a database sync. We confirmed this was possible on Metabase Cloud. This only affects Metabase Enterprise. Metabase OSS lacks the affected codepaths. All versions of Metabase Enterprise that have serialization, which dates back to at least version 1.47, are affected. Metabase Enterprise versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4 patch the issue. As a workaround, disable the serialization import endpoint in their Metabase instance to prevent access to the vulnerable codepaths.

nvd CVSS3.1 7.2

Vulnerability type

CWE-502 Deserialization of Untrusted Data

https://github.com/metabase/metabase/security/advisories/GHSA-fppj-vcm3-w229

Published: 27 Mar 2026 · Updated: 27 Mar 2026 · First seen: 27 Mar 2026