Known Vulnerabilities for products from Hcltech

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Hcltech".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-21837 json HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API.  An attacke... Not Provided 2026-06-05 2026-06-10
CVE-2026-21826 json HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection.  An attacker can ma... Not Provided 2026-06-05 2026-06-10
CVE-2026-21825 json HCL Digital Experience Compose is affected by a reflected cross-site scripting (XSS) vulnerability in the search center.  An... Not Provided 2026-06-05 2026-06-10
CVE-2026-21791 json HCL Sametime for Android is impacted by a sensitive information disclosure. Hostnames information is written in application ... Not Provided 2026-03-10 2026-05-07
CVE-2026-21783 json HCL Traveler is affected by sensitive information disclosure.  The application generates some error messages that provide de... Not Provided 2026-03-24 2026-03-31
CVE-2026-21767 json HCL BigFix Platform is affected by insufficient authentication.  The application might allow users to access sensitive area... Not Provided 2026-04-02 2026-04-16
CVE-2026-21765 json HCL BigFix Platform is affected by insecure permissions on private cryptographic keys.  The private cryptographic keys locat... Not Provided 2026-04-02 2026-04-16
CVE-2025-62320 json HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showin... Not Provided 2026-03-17 2026-05-11
CVE-2025-62319 json Boolean-Based SQL Injection is a type of blind SQL injection where an attacker manipulates SQL queries by injecting Boolean c... Not Provided 2026-03-16 2026-06-05
CVE-2025-59854 json HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the ou... Not Provided 2026-05-06 2026-05-07
CVE-2025-59853 json HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces ... Not Provided 2026-05-06 2026-05-07
CVE-2025-59852 json HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the... Not Provided 2026-05-06 2026-05-07
CVE-2025-59851 json HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched l... Not Provided 2026-05-06 2026-05-07
CVE-2025-55252 json HCL AION  version 2 is affected by a Weak Password Policy vulnerability. This can  allow the use of easily guessable passwo... Not Provided 2026-01-19 2026-04-25
CVE-2025-55251 json HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulti... Not Provided 2026-01-19 2026-04-25
CVE-2025-55250 json HCL AION version 2 is affected by a Technical Error Disclosure vulnerability. This can expose sensitive technical details, po... Not Provided 2026-01-19 2026-04-25
CVE-2025-55249 json HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weake... Not Provided 2026-01-19 2026-04-25
CVE-2025-52661 json HCL AION version 2 is affected by a JWT Token Expiry Too Long vulnerability. This may increase the risk of token misuse, pote... Not Provided 2026-01-19 2026-04-25
CVE-2025-52660 json HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulti... Not Provided 2026-01-19 2026-04-25
CVE-2025-52659 json HCL AION version 2 is affected by a Cacheable HTTP Response vulnerability. This may lead to unintended storage of sensitive o... Not Provided 2026-01-19 2026-04-25
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Hcltech

Type Vendor Product Version
ApplicationHcltechAppscan-
ApplicationHcltechAppscan Source-
ApplicationHcltechBigfix Platform10.0.2
ApplicationHcltechBigfix Webui-
ApplicationHcltechConnections5.5
ApplicationHcltechDigital Experience8.5
ApplicationHcltechDomino-
ApplicationHcltechHcl Digital Experience8.5
ApplicationHcltechHcl Domino10.0.1
ApplicationHcltechHcl Inotes10.0.1
ApplicationHcltechHcl Nomad1.0
ApplicationHcltechNotes10.0
ApplicationHcltechSelf-service Application3.0.0
ApplicationHcltechTraveler10.0.0.0
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report