Information Exposure Vulnerability in KNIME Business Hub
CVE-2025-11239

2.3LOW

Key Information:

Vendor: Knime
Status: Knime Business Hub
Vendor: CVE Published:; 2 October 2025

What is CVE-2025-11239?

An information exposure vulnerability exists in KNIME Business Hub, where prior to version 1.16.0, sensitive details from jobs were accessible to all team members, posing a risk of unauthorized data access. With the release of 1.16.0, changes were implemented to restrict visibility, allowing only the job creator to access full job details, including input and output data.

Affected Version(s)

KNIME Business Hub 0 < 1.16.0

KNIME Business Hub 1.16.0

References

https://www.knime.com/security/advisories

CVSS V4

Score:

2.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 2, 2025
Vulnerability Reserved
Oct 2, 2025

Credit

Zigrin

JSON

Knime

What is CVE-2025-11239?

Affected Version(s)

References

CVSS V4

Timeline

Credit