| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-0542 | Remote Code Execution in ServiceNow AI Platform | ServiceNow | ServiceNow AI Platform | - | - | 2026-02-25 20:35:27 | Deep Dive |
| CVE-2025-12420 | Unauthenticated Privilege Escalation in ServiceNow AI Platform | ServiceNow | Now Assist AI Agents | - | - | 2026-01-12 21:29:37 | Deep Dive |
| CVE-2025-11449 | Reflected Cross Site Scripting in ServiceNow AI Platform | ServiceNow | ServiceNow AI Platform | - | - | 2025-10-10 01:15:41 | Deep Dive |
| CVE-2025-11450 | Reflected Cross Site Scripting in ServiceNow AI Platform | ServiceNow | ServiceNow AI Platform | - | - | 2025-10-10 01:09:55 | Deep Dive |
| CVE-2025-3089 | Broken Access Control in ServiceNow AI Platform | ServiceNow | ServiceNow AI Platform | - | - | 2025-08-12 16:06:40 | Deep Dive |
| CVE-2025-3648 | Data Inference in Now Platform via Conditional ACLs | ServiceNow | Now Platform | - | - | 2025-07-08 16:07:12 | Deep Dive |
| CVE-2025-0337 | Authorization bypass in Now Platform | ServiceNow | Now Platform | Medium | 6.5 | 2025-03-06 16:29:12 | Deep Dive |
| CVE-2024-5890 | HTML Injection in the Assessment plugin | ServiceNow | Now Platform | Medium | 4.3 | 2024-12-02 18:24:56 | Deep Dive |
| CVE-2024-8924 | Unauthenticated Blind SQL Injection in Core Platform | ServiceNow | Now Platform | High | 7.5 | 2024-10-29 16:14:39 | Deep Dive |
| CVE-2024-8923 | Sandbox Escape in Now Platform | ServiceNow | Now Platform | Critical | 9.8 | 2024-10-29 16:07:07 | Deep Dive |
| CVE-2024-5217 | Incomplete Input Validation in GlideExpression Script | ServiceNow | Now Platform | Critical | 9.8 | 2024-07-10 16:28:33 | Deep Dive |
| CVE-2024-5178 | Incomplete Input Validation in SecurelyAccess API | ServiceNow | Now Platform | Medium | 4.9 | 2024-07-10 16:23:39 | Deep Dive |
| CVE-2024-4879 | Jelly Template Injection Vulnerability in ServiceNow UI Macros | ServiceNow | Now Platform | Critical | 9.8 | 2024-07-10 16:16:40 | Deep Dive |
| CVE-2023-37518 | A code injection vulnerability affects HCL BigFix ServiceNow Data Flow | HCL Software | BigFix ServiceNow Data Flow | Medium | 6.4 | 2024-01-30 15:30:51 | Deep Dive |
| CVE-2023-3442 | Missing Authorization in Jenkins plug-in for ServiceNow DevOps | ServiceNow | Jenkins plug-in for ServiceNow DevOps | High | 7.7 | 2023-07-26 18:32:20 | Deep Dive |
| CVE-2023-3414 | Cross-Site Request Forgery (CSRF) in Jenkins Plug-in for ServiceNow DevOps | ServiceNow | Jenkins plug-in for ServiceNow DevOps | Medium | 6.1 | 2023-07-26 18:20:18 | Deep Dive |
| CVE-2023-1298 | ServiceNow 跨站脚本漏洞 | ServiceNow | Now User Experience | Medium | 4.3 | 2023-07-06 17:13:28 | Deep Dive |
| CVE-2022-43684 | ACL bypass in Reporting functionality | ServiceNow | Now Platform | Critical | 9.9 | 2023-06-13 18:51:40 | Deep Dive |
| CVE-2023-1209 | ServiceNow 跨站脚本漏洞 | ServiceNow | ServiceNow Records | Medium | 4.3 | 2023-05-23 16:41:28 | Deep Dive |
| CVE-2022-46389 | Cross-Site Scripting (XSS) vulnerability found on logout functionality | ServiceNow | Now Platform | Medium | 6.1 | 2023-04-17 00:00:00 | Deep Dive |