Auth bypass in Knime Business Hub

CVE-2026-4649

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message ( CVE-2026-27446 https://www.cve.org/CVERecord ). Since KNIME Busines…

Vulnerability class: Broken Authentication

EPSS: 0.001 (24.6th percentile) — read the EPSS interpretation.

Affected products

Knime Business Hub — versions 1.17.0, 1.16.0, 0.0.0

Weakness classification (CWE)

CWE-306 — Missing Authentication for Critical Function

References

www.knime.com/security/advisories