CVE-2025-11159

Published: Mag 13, 2026 Last Modified: Mag 13, 2026

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,1

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: high

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

Hitachi Vantara Pentaho Data Integration & Analytics of all versions contain a JDBC driver for H2 databases which is vulnerable to external script execution when a new connection is created by a data source administrator.

https://support.pentaho.com/hc/en-us/articles/3995464040807…

https://support.pentaho.com/hc/en-us/articles/39954640408077--Resolved-Hitachi-…

CVE-2025-11159

Description

Iscriviti alla newsletter