Container Authentication Flaw in HCL AION
CVE-2025-52638

5.6MEDIUM

Key Information:

Vendor: HCL Software
Status: Aion
Vendor: CVE Published:; 16 March 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-52638?

HCL AION is vulnerable due to improper authentication of container base images, enabling the usage of untrusted images. This vulnerability can result in unintended system behavior and poses significant security risks by allowing malicious entities to execute potentially harmful code within the environment. It emphasizes the importance of verifying the source of container images to maintain the integrity of applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AION 2.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

5.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 16, 2026
Vulnerability Reserved
Jun 18, 2025

JSON

HCL Software

What is CVE-2025-52638?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.