Data Exposure Vulnerability in Johnson & Johnson Campus Recruiting System
CVE-2026-57912

7.5HIGH

Key Information:

Vendor: Johnson & Johnson
Status: Campus Recruiting
Vendor: CVE Published:; 26 June 2026

🔔 Create Johnson & Johnson Vulnerability Alert

What is CVE-2026-57912?

The Johnson & Johnson Campus Recruiting system, prior to 2025-10-31, is susceptible to a vulnerability that allows unauthorized access to sensitive data. This includes personal information provided by recruited students and private notes made by interviewers regarding candidates. This flaw compromises the confidentiality of students' data, potentially leading to privacy violations and misuse of information.

Affected Version(s)

Campus Recruiting 0 < 2025-10-31

References

https://eaton-works.com/2026/06/24/jnj-webapp-hacks/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2026
Vulnerability Reserved
Jun 26, 2026

CVE-2026-57912 Data

JSON