CVE-2026-21837EPSS p55.6%

CVE-2026-21837CVE-2026-21837

hcltech / digital_experience

Description

HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API.  An attacker may execute arbitrary operating system commands, typically inheriting the privileges of the vulnerable application, which could possibly lead to a complete system takeover and data compromise.

Scoring

CVSS 8.8 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.92% probability of exploitation · percentile 55.6% · 2026-06-18T12:00:27Z
Last modified2026-06-10

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-21826
CVE
CVE-2026-21825
CVE
CVE-2025-55270
CVE
CVE-2025-62338
CVE
CVE-2025-55267
CVE
CVE-2026-2630
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.