Browse all 4 CVE security advisories affecting Spotfire. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Spotfire serves as a data analytics and visualization platform enabling business intelligence through interactive dashboards and data exploration. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and access control flaws. The platform's web interface and integration capabilities have been primary attack vectors. While no major public security incidents have been widely documented, the 4 CVEs on record highlight potential risks in its deployment. Organizations implementing Spotfire should prioritize regular patching and secure configuration to mitigate these common web application security challenges.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3115 | Spotfire Data Function Vulnerability — Spotfire Statistics Services | 9.8AI | CriticalAI | 2025-04-09 |
| CVE-2025-3114 | Spotfire Code Execution Vulnerability — Spotfire Enterprise Runtime for R | 7.8AI | HighAI | 2025-04-09 |
| CVE-2024-3331 | Spotfire: NTLM token leakage — Spotfire Enterprise Runtime for R - Server Edition | 6.8 | Medium | 2024-06-27 |
| CVE-2024-3330 | Spotfire Remote Code Execution Vulnerability — Spotfire Analyst | 9.9 | Critical | 2024-06-27 |
This page lists every published CVE security advisory associated with Spotfire. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.