hcl software

Top products

The 15 most recently published vulnerabilities affecting hcl software.

• CVE-2025-59872HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability,4.3Jun 17, 2026
• CVE-2025-62340HCL iControl was affected by Inadequate Session Timeout vulnerability3.1Jun 17, 2026
• CVE-2025-31974HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only3.9May 6, 2026
• CVE-2025-31976HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials4.8May 6, 2026
• CVE-2025-31978HCL BigFix Service Management (SM) does not adequately sanitize or safely render4.6May 6, 2026
• CVE-2025-31959HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images.3.5May 6, 2026
• CVE-2025-31982HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directl3.7May 6, 2026
• CVE-2025-31957HCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability.2.6May 6, 2026
• CVE-2025-59873Session Token Exposure via URL Query Parameters5.9Feb 23, 2026
• CVE-2025-55252HCL AION is affected by a Weak Password Policy vulnerability3.1Jan 19, 2026
• CVE-2025-55250HCL AION is affected by a Technical Error Disclosure vulnerability1.8Jan 19, 2026
• CVE-2025-52661HCL AION version 2 is affected by a JWT Token Expiry Too Long vulnerability. This may increase the risk of token misuse, potentially resulting in unauthorized access if the token is compromised.2.4Jan 19, 2026
• CVE-2025-55249HCL AION is affected by a Missing Security Response Headers vulnerability.3.5Jan 19, 2026
• CVE-2025-52659HCL AION is affected by a Cacheable HTTP Response vulnerability2.8Jan 19, 2026
• CVE-2025-52660HCL AION is affected by an Host Header Injection vulnerability2.7Jan 19, 2026