PT-2026-42166 · Hcl · Dominoiq

CVE-2026-21836

·

Published

2026-05-20

·

Updated

2026-05-20

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions HCL DominoIQ (affected versions not specified)
Description The RAG feature is affected by broken access control. Under certain circumstances, document level access restrictions are ignored when determining the data returned from an AI query, which could allow an authenticated attacker to view sensitive data.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-21836

Affected Products

Dominoiq