Known Vulnerabilities for AION by HCL Software

Listed below are 8 of the newest known vulnerabilities associated with "AION" by "HCL Software".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2025-52649 json HCL AION is affected by a vulnerability where certain identifiers may be predictable in nature. Predictable identifiers may a... Not Provided 2026-03-16 2026-03-17
CVE-2025-52645 json HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenti... Not Provided 2026-03-16 2026-03-16
CVE-2025-52643 json HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a properly isolated s... Not Provided 2026-03-16 2026-03-16
CVE-2025-52641 json HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structur... Not Provided 2026-04-15 2026-04-15
CVE-2025-52636 json HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of uplo... Not Provided 2026-03-16 2026-03-16
CVE-2025-52628 json HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow cookies to be se... Not Provided 2026-02-03 2026-02-03
CVE-2025-52627 json Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications to critical sy... Not Provided 2026-02-03 2026-02-03
CVE-2025-52626 json A Potential Command Injection vulnerability in HCL AION.  An This can allow unintended command execution, potentially lead... Not Provided 2026-02-03 2026-02-03
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report