KNIME 厂商漏洞列表 / CVE 中文分析 13

KNIME 厂商相关 13 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

KNIME 是开源数据分析平台，提供可视化工作流环境用于数据挖掘和机器学习。历史上常见漏洞包括远程代码执行、跨站脚本请求伪造和权限绕过，主要影响服务器端组件和插件系统。2021 年曾曝出高危漏洞允许攻击者通过特制工作流执行任意代码，平台已实施沙箱机制缓解此类风险。

上位製品 KNIME: KNIME Business Hub KNIME Analytics Platform KNIME Server

CVEs 13

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2026-4649	Auth bypass in Apache Artemis allows reading all internal messages — KNIME Business HubCWE-306	6.5	-	2026-03-24
CVE-2025-14262	Jobs can be saved as workflows with wrong permissions on KNIME Business Hub — KNIME Business HubCWE-708	6.5^AI	Medium^AI	2025-12-08
CVE-2025-11240	Open redirect vulnerability in KNIME Business Hub — KNIME Business HubCWE-601	6.1	-	2025-10-02
CVE-2025-11239	Job details are visible to all team members on KNIME Business Hub — KNIME Business HubCWE-863	4.3	-	2025-10-02
CVE-2025-3019	Cross-site scripting vulnerabilities in KNIME Business Hub web pages — KNIME Business HubCWE-79	6.1	-	2025-03-31
CVE-2025-2402	Hard-coded password for object store of KNIME Business Hub — KNIME Business HubCWE-259	9.8	-	2025-03-31
CVE-2025-2787	Ingress-nginx vulnerability in KNIME Business Hub — KNIME Business Hub	9.9^AI	Critical^AI	2025-03-26
CVE-2024-6598	Denial-of-service on KNIME Business Hub when certain jobs are executed — KNIME Business HubCWE-770	4.9^AI	Medium^AI	2024-07-09
CVE-2023-5562	Unsafe default allows for cross-site scripting attacks in KNIME Server and KNIME Business Hub — KNIME Analytics PlatformCWE-79	6.1	Medium	2023-10-12
CVE-2023-3140	KNIME Hub Web Application is vulnerable to clickjacking — KNIME Business HubCWE-1021	4.3	Medium	2023-06-07
CVE-2023-2541	Sensitive information disclosure in KNIME Hub Web Application — KNIME Business HubCWE-497	5.3	Medium	2023-06-07
CVE-2022-44749	Opening workflows from untrusted resources may override arbitrary file system contents — KNIME Analytics PlatformCWE-22	5.5	Medium	2022-11-24
CVE-2022-44748	Uploading workflows to KNIME Server may override arbitrary file system contents — KNIME ServerCWE-22	7.1	High	2022-11-24

本页汇总了 KNIME 厂商截至目前公开的全部 13 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

KNIME 厂商漏洞列表 / CVE 中文分析 13

目標達成すべての支援者に感謝 — 100%達成しました！