Medium severity4.3NVD Advisory· Published Mar 24, 2026· Updated Mar 31, 2026

CVE-2026-21783

Description

HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and potentially launch targeted attacks.

Affected products

HCLTech/Traveler
cpe:2.3:a:hcltech:traveler:*:*:*:*:*:*:*:*
Range: <14.5.1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.hcl-software.com/csmnvdVendor Advisory

News mentions

Helping Romance Scam Victims Requires a Proactive, Empathic Approach
Dark Reading · Apr 24, 2026

cvss	0.280
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000