Every CVE whose affected-product data names Knime Business Hub, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2025-2787 — CVSS 8.8 (high): KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx…
CVE-2025-2402 — CVSS 8.6 (high): A hard-coded, non-random password for the object store (minio) of KNIME Business Hub in all versions except the ones listed below allows an…
CVE-2025-3019 — CVSS 7.2 (high): KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or…
CVE-2025-11240 — CVSS 7.2 (high): An open redirect vulnerability existed in KNIME Business Hub prior to version 1.16.0. An unauthenticated remote attacker could craft a link…
CVE-2024-6598 — CVSS 6.5 (medium): A denial-of-service attack is possible through the execution functionality of KNIME Business Hub 1.10.0 and 1.10.1. It allows an…
CVE-2023-2541 — CVSS 5.3 (medium): The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to access internals about the application…
CVE-2025-14262 — CVSS 4.3 (medium): A wrong permission check in KNIME Business Hub before version 1.17.0 allowed an authenticated user to save jobs of other users as if there…
CVE-2023-3140 — CVSS 4.3 (medium): Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4.0 has left users vulnerable to click…
CVE-2025-11239 — CVSS 4.3 (medium): Potentially sensitive information in jobs on KNIME Business Hub prior to 1.16.0 were visible to all members of the user's team. Starting…