CVE-2025-55251CRITICAL 9.8EPSS p7.4%

CVE-2025-55251CVE-2025-55251

Description

HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.18% probability of exploitation · percentile 7.4% · 2026-06-18T12:00:27Z
Published2026-01-19
Last modified2026-04-25

Underlying weaknesses· 1

CWE-434

References

  1. https://support.hcl-software.com/kb_view.do?sys_kb_id=4b92474633de7ad4159a05273e5c7b4b&searchTerm=kb0127995#

1

TypeTargetConfidenceTier
WeaknessUnrestricted Upload of File with Dangerous Typecwe-4340%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-52660
CVE
CVE-2025-52626
CVE
CVE-2025-52648
CVE
CVE-2025-55252
CVE
CVE-2025-52644
CVE
CVE-2025-55267
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.