HCL Hive Telco Observability is affected by a Required directives missing from the CSP .
CVE-2025-59874

8.1HIGH

Key Information:

Vendor: HCL Software
Status: Hive
Vendor: CVE Published:; 4 June 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-59874?

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable.

Affected Version(s)

Hive 1.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 4, 2026
Vulnerability Reserved
Sep 22, 2025

CVE-2025-59874 Data

JSON