PT-2026-57852 · Servicenow · Servicenow Ai Platform

Published

2026-07-13

·

Updated

2026-07-13

·

CVE-2026-6875

CVSS v4.0

9.5

Critical

VectorAV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions ServiceNow AI platform (affected versions not specified)
Description An issue in the ServiceNow AI platform allows an unauthenticated user to execute arbitrary code within the platform under certain circumstances. Remote code execution refers to the ability of an attacker to run commands on a remote machine or server.
Recommendations Apply the security updates provided by ServiceNow or upgrade to a patched family release.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-6875

Affected Products

Servicenow Ai Platform