Unrated severityNVD Advisory· Published Jun 19, 2026

HCL Verse for Android is susceptible to an injection vulnerability

CVE-2026-21768

Description

The compose-rich-editor library (v1.0.0-rc14) used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content to be executed in certain situations.

Affected products

HCL Software/Verse For Androidllm-fuzzy

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.hcl-software.com/csmmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000