Home > Vulnerability Database > CVE-2025-58441

Mend.io Vulnerability Database

CVE-2025-58441

Good to know:

Date: January 7, 2026

Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, there is a blind server-side request forgery vulnerability. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact of this vulnerability is limited. However, an attacker should be able to leverage this vulnerability to scan the internal network. This issue has been patched in version 8.1.37.

Severity Score

5.3

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-58441

Url: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-m6x8-wh9v-6jxp

Url: https://www.mend.io/vulnerability-database/CVE-2025-58441

Severity Score

5.3

Weakness Type (CWE)

Server-Side Request Forgery (SSRF)

CWE-918

Top Fix

Upgrade Version

Upgrade to version https://github.com/KnowageLabs/Knowage-Server.git - v8.1.37

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-58441

Good to know:

Date: January 7, 2026

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?