PT-2026-57852 · Servicenow · Servicenow Ai Platform
Published
2026-07-13
·
Updated
2026-07-13
·
CVE-2026-6875
CVSS v4.0
9.5
Critical
| Vector | AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
ServiceNow AI platform (affected versions not specified)
Description
An issue in the ServiceNow AI platform allows an unauthenticated user to execute arbitrary code within the platform under certain circumstances. Remote code execution refers to the ability of an attacker to run commands on a remote machine or server.
Recommendations
Apply the security updates provided by ServiceNow or upgrade to a patched family release.
Fix
RCE
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Servicenow Ai Platform