Security update available for Metabase - Please upgrade now

Metabase issued a security alert urging self-hosted users to update their instances immediately due to a severe vulnerability discovered by independent security researcher Sho Odagiri from GMO Cybersecurity by Ierae. The vulnerability, which allows authenticated users to access sensitive data like database credentials, has not been exploited in the wild but poses significant risks if left unaddressed. Metabase Cloud customers are not affected as their systems have already been updated, but self-hosted users are advised to upgrade to the latest point release for their version to ensure security. Detailed instructions and minimum safe releases for various Metabase versions are provided, and users running custom forks are encouraged to contact Metabase for necessary patches.