Pentaho data integration and analytics
This hub aggregates every CVE we track for Pentaho data integration and analytics, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
2
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM3CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
1
0
4
0
0
2024-082026-07
Latest CVEs
The 8 most recently published vulnerabilities affecting Pentaho data integration and analytics.
- CVE-2026-2253Hitachi Vantara Pentaho Data Integration & Analytics - Improper Restriction of XML External Entity Reference7.7
- CVE-2026-2255Hitachi Vantara Pentaho Data Integration & Analytics - Insufficiently Protected Credentials4.3
- CVE-2026-2254Hitachi Vantara Pentaho Data Integration & Analytics - Incorrect Permission Assignment for Critical Resource6.3
- CVE-2025-11159Hitachi Vantara Pentaho Data Integration & Analytics - Dependency on Vulnerable Third-Party Component9.1
- CVE-2025-11158Hitachi Vantara Pentaho Data Integration & Analytics - Missing Authorization9.1
- CVE-2025-9121Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data8.8
- CVE-2025-9122Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information5.3
- CVE-2023-3517Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')8.5
Product normalization is registry-driven with AI assist and human review. How it works