CVE-2026-2253
EUVD-2026-3204727.05.2026, 04:16
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| hitachi | vantara_pentaho_data_integration_and_analytics | 𝑥 < 10.2.0.7 |
| hitachi | vantara_pentaho_data_integration_and_analytics | 10.2.0.8 < 𝑥 < 11.0.0.0 |
| hitachi | vantara_pentaho_data_integration_and_analytics | 8.3 |
| hitachi | vantara_pentaho_data_integration_and_analytics | 9.3 |
𝑥
= Vulnerable software versions