Unrated severityNVD Advisory· Published Mar 11, 2026· Updated Mar 12, 2026

HCL Nomad server on Domino is affected by a missing default frame-ancestors directive

CVE-2025-62328

Description

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors.

Affected products

HCL Software/Nomad serverllm-create
HCLSoftware/Nomad server on Dominov5
Range: <1.0.19

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.hcl-software.com/csmmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000