CVE-2025-27141: 
NixOS vulnerability analysis and mitigation

Metabase Enterprise Edition, starting in version 1.47.0 and prior to versions 1.50.36, 1.51.14, 1.52.11, and 1.53.2, contains a vulnerability where users with impersonation permissions can access cached question results even when their permissions don't allow them to see that data. When a user runs a question that gets cached, and then an impersonated user runs that same question, the impersonated user sees the same results as the previous user, potentially exposing data they shouldn't have access to. This vulnerability only affects the Enterprise Edition and not the Open Source Edition (GitHub Advisory, NVD).

The vulnerability has been assigned CVE-2025-27141 with a CVSS v4.0 base score of 4.8 (Medium). The technical vector string is CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N. The vulnerability specifically occurs in the caching mechanism where the system fails to properly validate the permissions of impersonated users against cached query results (GitHub Advisory).

The vulnerability allows impersonated users to potentially access sensitive data through cached query results that they shouldn't have permission to view. This creates a security bypass that could expose confidential information to unauthorized users within the organization (GitHub Advisory).

Several mitigation options are available: Users should upgrade to the patched versions 1.53.2, 1.52.11, 1.51.14, or 1.50.36. For versions 1.49.X, 1.48.X, and 1.47.X which don't have patches available, users must upgrade to a major version with an available fix. As a temporary workaround, administrators can disable question caching entirely (GitHub Advisory, Metabase Docs).