CVE-2026-8590

Summary

Vulnerability in Spotfire Spotfire Enterprise (Spotfire Server modules), Spotfire Spotfire Enterprise with External Consumers (Spotfire Server modules), Spotfire Spotfire on Kubernetes (Spotfire Server modules).

This issue affects Spotfire Enterprise: through 14.0.12, through 14.4.2, through 14.5.0, through 14.6.1, through 14.6.2, through 14.7.0, through 14.8.0; Spotfire Enterprise with External Consumers: through 14.0.12, through 14.5.0, through 14.6.0, through 14.6.1, through 14.6.2, through 14.7.0, through 14.8.0; Spotfire on Kubernetes: through 4.2.0, 5.0.X, 6.0.X.

Affected Software

VendorProductVersion RangeStatus
SpotfireSpotfire Enterprise0 <= 14.0.12affected
SpotfireSpotfire Enterprise0 <= 14.4.2affected
SpotfireSpotfire Enterprise0 <= 14.5.0affected
SpotfireSpotfire Enterprise0 <= 14.6.1affected
SpotfireSpotfire Enterprise0 <= 14.6.2affected
SpotfireSpotfire Enterprise0 <= 14.7.0affected
SpotfireSpotfire Enterprise0 <= 14.8.0affected
SpotfireSpotfire Enterprise with External Consumers0 <= 14.0.12affected
SpotfireSpotfire Enterprise with External Consumers0 <= 14.5.0affected
SpotfireSpotfire Enterprise with External Consumers0 <= 14.6.0affected
SpotfireSpotfire Enterprise with External Consumers0 <= 14.6.1affected
SpotfireSpotfire Enterprise with External Consumers0 <= 14.6.2affected
SpotfireSpotfire Enterprise with External Consumers0 <= 14.7.0affected
SpotfireSpotfire Enterprise with External Consumers0 <= 14.8.0affected
SpotfireSpotfire on Kubernetes0 <= 4.2.0affected
SpotfireSpotfire on Kubernetes5.0.xaffected
SpotfireSpotfire on Kubernetes6.0.xaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References