Vulnerability Details CVE-2026-2253
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 10.0%
CVSS Severity
CVSS v3 Score 7.7