Sametime
Sign in to watchby HCLTech
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-21791 | Low | 0.21 | 3.3 | 0.00 | Mar 10, 2026 | HCL Sametime for Android is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URL | |
| CVE-2025-31966 | Low | 0.18 | 2.7 | 0.00 | Mar 17, 2026 | HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server. |