Web Security Flaw in HCL DevOps Loop Exposes Users to Risk
CVE-2026-21762

3.7LOW

Key Information:

Vendor
CVE Published:
17 July 2026

What is CVE-2026-21762?

HCL DevOps Loop has a significant vulnerability due to the absence of critical HTTP security headers. This flaw can weaken browser defenses against prevalent web threats, including clickjacking, MIME-type sniffing, and cross-site scripting attacks. Proper implementation of HTTP security headers is essential to safeguard applications from these vulnerabilities and enhance overall web security.

Affected Version(s)

DevOps Loop 2.0.0

References

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.