Spotfire Enterprise Vulnerability in Server Modules by TIBCO Software
CVE-2026-8590
8.7HIGH
What is CVE-2026-8590?
A significant access control vulnerability has been identified in various Spotfire products, including Spotfire Enterprise and Spotfire on Kubernetes. The flaw exists within Spotfire Server modules, which could potentially enable unauthorized access to sensitive data for affected versions. Users and organizations utilizing Spotfire versions ranging from 14.0.12 to 14.8.0 for the enterprise and certain versions of Spotfire on Kubernetes should review their systems and implement necessary security measures to mitigate risks.
Affected Version(s)
Spotfire Enterprise 0 <= 14.0.12
Spotfire Enterprise 0 <= 14.0.12
Spotfire Enterprise 0 <= 14.4.2
