CVE-2026-4649 MEDIUM

CVE-2026-4649: Auth bypass in Apache Artemis allows reading all internal messages

Vendor Knime

Product KNIME Business Hub

Weakness CWE-306 · Missing auth

Published March 24, 2026

Last update March 24, 2026

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber

What the vulnerability does

Description

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message ( CVE-2026-27446 https://www.cve.org/CVERecord ). Since KNIME Business Hub uses Apache Artemis it is also affected by the issue. However, since Apache Artemis is not exposed to the outside it requires at least normal user privileges and the ability to execute workflows in an executor. Such a user can install and register a federated mirror without authentication to the original Apache Artemis instance and thereby read all internal messages and inject new messages. The issue affects all versions of KNIME Business Hub. A fixed version of Apache Artemis is shipped with versions 1.18.0, 1.17.4, and 1.16.3. We recommend updating to a fixed version as soon as possible since no workaround is known.

Key dates

Disclosure timeline

March 24, 2026 CVE published

March 24, 2026 Record updated

Identifiers

CVE CVE-2026-4649

CWE CWE-306

CVSS 5.3 / MEDIUM

Affected versions

Vendor Knime

Product KNIME Business Hub

Affected ≥ 1.17.0 and < 1.17.4

Vendor Knime

Product KNIME Business Hub

Affected ≥ 1.16.0 and < 1.16.3

Vendor Knime

Product KNIME Business Hub

Affected ≥ 0.0.0 and < 1.15.2