Low severity3.1NVD Advisory· Published Oct 10, 2025· Updated Apr 15, 2026

CVE-2025-52655

Description

Inclusion of Functionality from Untrusted Control Sphere vulnerability in HCL MyXalytics. v6.6 allows Loading third-party scripts without integrity checks or validation can allow external code run in the application's context, risking data exposure.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.hcl-software.com/csmnvd

News mentions

No linked articles in our index yet.

cvss	0.202
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000