Servicenow Ai Platform vulnerabilities
4 known vulnerabilities affecting servicenow/servicenow_ai_platform.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2026-0542P2CRITICALCVSS 9.2fixed in Australiafixed in Zurich Patch 5+4 more2026-02-25
CVE-2026-0542 [CRITICAL] CWE-653 CVE-2026-0542: ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow
ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform. This vulnerability could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow Sandbox.
ServiceNow addressed this vulnerability by deploying a security update to hosted instances. Relevant secu
nvd
CVE-2025-3089P4MEDIUMCVSS 5.3≥ Aspen, < Washington DC Patch 10 Hot Fix 2a≥ Aspen, < Xanadu Patch 7a+4 more2025-08-12
CVE-2025-3089 [MEDIUM] CWE-639 CVE-2025-3089: ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow
ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading to unauthorized data modifications. This issue is addre
nvd
CVE-2025-11450P4MEDIUMCVSS 5.3fixed in Washington DC Patch 10 Hot Fix 7bfixed in Xanadu Patch 10 Hot Fix 1a+8 more2025-10-10
CVE-2025-11450 [MEDIUM] CWE-79 CVE-2025-11450: ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the S
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link.
ServiceNow has addressed this vulnerability by deploying a relevant security update
nvd
CVE-2025-11449P4MEDIUMCVSS 5.3fixed in Washington DC Patch 10 Hot Fix 7bfixed in Xanadu Patch 10 Hot Fix 1a+8 more2025-10-10
CVE-2025-11449 [MEDIUM] CWE-79 CVE-2025-11449: ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the S
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link.
ServiceNow has addressed this vulnerability by deploying a relevant security update
nvd