CVE-2025-14262

🗓️ 08 Dec 2025 09:34:45Reported by KNIMEType

Authenticated users could save others' jobs as their own in KNIME Business Hub before 1.17.0 due to incorrect owner permissions.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-14262	25 Mar 202603:00	–	circl
CNNVD	KNIME Business Hub 安全漏洞	8 Dec 202500:00	–	cnnvd
Cvelist	CVE-2025-14262 Jobs can be saved as workflows with wrong permissions on KNIME Business Hub	8 Dec 202509:34	–	cvelist
EUVD	EUVD-2025-201697	8 Dec 202509:34	–	euvd
NVD	CVE-2025-14262	8 Dec 202510:16	–	nvd
OSV	CVE-2025-14262	8 Dec 202510:16	–	osv
Positive Technologies	PT-2025-49540	8 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-14262	10 Dec 202518:13	–	redhatcve
Vulnrichment	CVE-2025-14262 Jobs can be saved as workflows with wrong permissions on KNIME Business Hub	8 Dec 202509:34	–	vulnrichment

NVD

Node

knime business_hubRange<1.17.0

[
  {
    "defaultStatus": "affected",
    "modules": [
      "execution and catalog functionality"
    ],
    "product": "KNIME Business Hub",
    "vendor": "KNIME",
    "versions": [
      {
        "lessThan": "1.17.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "status": "unaffected",
        "version": "1.17.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
knime	www.knime.com/security/advisories

27 Feb 2026 03:38Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.14.3

CVSS 45.3

EPSS0.00035

SSVC

CWE-708