A vulnerability identified as problematic has been detected in Metabase up to 1.58.15.1/1.59.11/1.60.6.2/1.61.1. This vulnerability affects unknown code of the component H2 Database Connection. This manipulation causes code injection.

This vulnerability is handled as CVE-2026-59826. The attack can be initiated remotely. There is not any exploit available.