Known exploited
Metabase
CVE published 2024-11-12
CVE-2021-41277
CVE-2021-41277 is a Metabase GeoJSON API local file inclusion vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2024-11-12. The KEV listing means CISA has determined the issue has been exploited in the wild, so exposed Metabase deployments should be treated as a priority remediation item. The supplied records do not include a CVSS score, so prioritization here is driven by kn [truncated]