CVE-2026-3293 | snowflakedb snowflake-jdbc up to 4.0.1 JDBC URL SdkProxyRoutePlanner.java SdkProxyRoutePlanner nonProxyHosts redos (Issue 2505)

A vulnerability categorized as problematic has been discovered in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts can lead to inefficient regular expression complexity.

The identification of this vulnerability is CVE-2026-3293. The attack can only be executed locally. Furthermore, there is an exploit available.

A patch should be applied to remediate this issue.

CVE-2026-3293 | snowflakedb snowflake-jdbc up to 4.0.1 JDBC URL SdkProxyRoutePlanner.java SdkProxyRoutePlanner nonProxyHosts redos (Issue 2505)

Post correlati

CVE-2024-49344 | IBM OpenPages with Watson 8.3/9.0 Chat session fixiation

CVE-2026-1614 | Rise Blocks Plugin up to 3.7 on WordPress Site Identity Block Attribute cross site scripting

CVE-2025-7200 | krishna9772 Pharmacy Management System up to a2efc8442931ec9308f3b4cf4778e5701153f4e5 quantity_upd.php med_name/med_cat/ex_date sql injection

CVE-2025-66431 | WebPros Plesk prior 18.0.73.5/18.0.74.2 on Linux Domain Creation symlink