HCL Connections Vulnerability Allowing Unauthorized Data Manipulation
CVE-2026-21789

4.6MEDIUM

Key Information:

Vendor: HCL Softwaresoftware
Status: Connections
Vendor: CVE Published:; 18 May 2026

🔔 Create HCL Softwaresoftware Vulnerability Alert

What is CVE-2026-21789?

HCL Connections is affected by a vulnerability that involves broken access control, which could permit an unauthorized user to update data in specific cases. This flaw poses significant risks by potentially allowing malicious actors to alter sensitive information without appropriate permissions, emphasizing the necessity for timely updates and robust security measures.

Affected Version(s)

Connections 8.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 18, 2026
Vulnerability Reserved
Jan 5, 2026

CVE-2026-21789 Data

JSON