A critical security vulnerability has been identified in Metabase, prompting an urgent recommendation for all users to upgrade their installations immediately. This vulnerability, discovered by a third-party security researcher, allows unauthenticated attackers to execute arbitrary commands with the same privileges as the Metabase server. Although there is no evidence of exploitation, Metabase has released patched versions for both its enterprise and open-source editions to address the issue. Users running older versions or forks are advised to contact Metabase support for guidance on applying the necessary patches. Metabase Cloud customers have already had their instances patched, and the company plans to release further details about the vulnerability in two weeks to allow users additional time to upgrade before the information is widely available.