CVE-2026-21760

CVE-2026-21760CVE-2026-21760

Description

HCL DevOps Loop is affected by an Unauthorized Access to Admin Functionality (Forced Browsing) vulnerability. Improper authorization checks may allow unauthorized users to access restricted administrative functionality by directly accessing protected application endpoints.

Scoring

CVSS 4.6 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Last modified2026-07-17
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.