Hitachi Vantara Pentaho Data Integration And Analytics — known CVE vulnerabilities
Every CVE whose affected-product data names Hitachi Vantara Pentaho Data Integration And Analytics, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2025-11158 — CVSS 9.1 (critical): Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6, including 9.3.x and 8.3.x, do not restrict Groovy scripts in…
CVE-2025-11159 — CVSS 9.1 (critical): Hitachi Vantara Pentaho Data Integration & Analytics of all versions contain a JDBC driver for H2 databases which is vulnerable to external…
CVE-2026-2253 — CVSS 7.7 (high): Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent…
CVE-2026-2254 — CVSS 6.3 (medium): Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, does not apply ACLs…
CVE-2023-5617 — CVSS 5.3 (medium): Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version…
CVE-2026-2255 — CVSS 4.3 (medium): Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, expose Hadoop…