Knime Business Hub vulnerabilities

12 known vulnerabilities affecting knime/knime_business_hub.

Total CVEs: 12
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 4, HIGH 2, MEDIUM 5, LOW 1

Vulnerabilities

CVE-2026-4649 | CRITICAL | CVSS 9.3 | affected: ≥ 1.17.0, < 1.17.4; ≥ 1.16.0, < 1.16.3; +1 more | published 2026-03-24
CVE-2026-4649 [CRITICAL] CWE-306: Auth bypass in Apache Artemis allows reading all internal messages. Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new messages (CVE-2026-27446, https://www.cve.org/CVERecord). Since KNIME Business Hub uses Apache Artemis it is also affected by the issue. However, since Apache Artemis is
Source: cvelistv5
CVE-2026-27446 | CRITICAL | CVSS 9.3 | affected: ≥ 1.17.0, < 1.17.4; ≥ 1.16.0, < 1.16.3; +1 more | published 2026-03-04
CVE-2026-27446 [CRITICAL] CWE-306: Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This could potentially result in message injection into an
Source: nvd
CVE-2025-14262 | MEDIUM | CVSS 5.3 | fixed in 1.17.0 | published 2025-12-08
CVE-2025-14262 [MEDIUM] CWE-708: A wrong permission check in KNIME Business Hub before version 1.17.0 allowed an authenticated user to save jobs of other users as if they were saved by the job owner. The attacker must have permissions to access the jobs, but then they were saved into the catalog service using the wrong owner permissions. Therefore it may have been possible to save
Sources: cvelistv5, nvd
CVE-2025-11240 | MEDIUM | CVSS 5.3 | fixed in 1.16.0 | published 2025-10-02
CVE-2025-11240 [MEDIUM] CWE-601: An open redirect vulnerability existed in KNIME Business Hub prior to version 1.16.0. An unauthenticated remote attacker could craft a link to a legitimate KNIME Business Hub installation which, when opened by the user, redirects the user to a page of the attacker's choice. This might open the possibility for phishing or other similar attacks. The pro
Sources: cvelistv5, nvd
CVE-2025-11239 | LOW | CVSS 2.3 | fixed in 1.16.0 | published 2025-10-02
CVE-2025-11239 [LOW] CWE-863: Potentially sensitive information in jobs on KNIME Business Hub prior to 1.16.0 was visible to all members of the user's team. Starting with KNIME Business Hub 1.16.0 only metadata of jobs is shown to team members. Only the creator of a job can see all information including in- and output data (if present).
Sources: cvelistv5, nvd
CVE-2025-2402 | HIGH | CVSS 8.8 | affected: ≥ 1.13.0, < 1.13.2; ≥ 1.12.0, < 1.12.3; +2 more | published 2025-03-31
CVE-2025-2402 [HIGH] CWE-259: A hard-coded, non-random password for the object store (minio) of KNIME Business Hub in all versions except the ones listed below allows an unauthenticated remote attacker in possession of the password to read and manipulate swapped jobs or read and manipulate in- and output data of active jobs. It is also possible to cause a denial-of-service of most f
Sources: cvelistv5, nvd
CVE-2025-3019 | MEDIUM | CVSS 5.3 | affected: ≥ 1.13.0, < 1.13.3; ≥ 1.12.0, < 1.12.4 | published 2025-03-31
CVE-2025-3019 [MEDIUM] CWE-79: KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary JavaScript may be executed with this user's permissions. This can lead to information loss and/or modification of existing data. The issues are caused by a bug https://github.com/
Sources: cvelistv5, nvd
CVE-2025-2787 | CRITICAL | CVSS 9.8 | affected: ≥ 1.13.0, ≤ 1.13.2; ≥ 1.12.0, ≤ 1.12.3; +2 more | published 2025-03-26
CVE-2025-2787 [CRITICAL]: Ingress-nginx vulnerability in KNIME Business Hub. KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 (a.k.a. IngressNightmare) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME B
Source: cvelistv5
CVE-2025-1974 | CRITICAL | CVSS 9.8 | public exploit: PoC | affected: ≥ 1.13.0, ≤ 1.13.2; ≥ 1.12.0, ≤ 1.12.3; +2 more | published 2025-03-25
CVE-2025-1974 [CRITICAL] CWE-653: A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can a
Source: nvd
CVE-2024-6598 | HIGH | CVSS 7.1 | affected: ≥ 1.10.0, < 1.10.2 | published 2024-07-09
CVE-2024-6598 [HIGH] CWE-770: A denial-of-service attack is possible through the execution functionality of KNIME Business Hub 1.10.0 and 1.10.1. It allows an authenticated attacker with job execution privileges to execute a job that causes internal messages to pile up until there are no more resources available for processing new messages. This leads to an outage of most functional
Sources: cvelistv5, nvd
CVE-2023-2541 | MEDIUM | CVSS 5.3 | affected: ≥ 1.0.0, < 1.4.0 | published 2023-06-07
CVE-2023-2541 [MEDIUM] CWE-497: The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to access internals about the application such as versions, host names, or IP addresses. No personal information or application data was exposed.
Sources: cvelistv5, nvd
CVE-2023-3140 | MEDIUM | CVSS 4.3 | affected: ≥ 1.0.0, < 1.4.0 | published 2023-06-07
CVE-2023-3140 [MEDIUM] CWE-1021: Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4.0 has left users vulnerable to clickjacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a button or link, to another server in which they have a
Sources: cvelistv5, nvd