CVE-2026-21837

Vulnerability Description

HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API. An attacker may execute arbitrary operating system commands, typically inheriting the privileges of the vulnerable application, which could possibly lead to a complete system takeover and data compromise.

Vulnerability Details

Published Date

June 05, 2026

Last Modified

June 05, 2026

CWE ID

CWE-78

Source

NVD

Vendor

HCLSoftware

Product

Digital Experience

External References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130849

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment