cvedb.io
CVE-2025-11240
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2025-10-02T13:15:31.370 · Last modified 2026-06-17T08:29:56.163

Summary

An open redirect vulnerability existed in KNIME Business Hub prior to version 1.16.0. An unauthenticated remote attacker could craft a link to a legitimate KNIME Business Hub installation which, when opened by the user, redirects the user to a page of the attackers choice. This might open the possibility for fishing or other similar attacks. The problem has been fixed in KNIME Business Hub 1.16.0.

Affected products

knime — business_hub

Does this affect you?

Add your gear to cvedb and we'll alert you only when knime ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.