VYPR

Pentaho Analytics

by Hitachi

CVEs (1)

  • CVE-2025-11158CriMar 10, 2026
    risk 0.59cvss 9.1epss 0.00

    Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6, including 9.3.x and 8.3.x, do not restrict Groovy scripts in new PRPT reports published by users, allowing insertion of arbitrary scripts and leading to a RCE.