Connections Docs
by HCL Software
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-52603 | 0.00 | — | 0.00 | Feb 20, 2026 | HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser. | |||
| CVE-2025-52639 | 0.00 | — | 0.00 | Nov 18, 2025 | HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper rendering of application data. | |||
| CVE-2025-31961 | 0.00 | — | 0.00 | Aug 15, 2025 | HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios. | |||
| CVE-2025-31987 | 0.00 | — | 0.00 | Aug 14, 2025 | HCL Connections Docs may mishandle validation of certain uploaded documents leading to denial of service due to resource exhaustion. |
- CVE-2025-52603Feb 20, 2026risk 0.00cvss —epss 0.00
HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser.
- CVE-2025-52639Nov 18, 2025risk 0.00cvss —epss 0.00
HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper rendering of application data.
- CVE-2025-31961Aug 15, 2025risk 0.00cvss —epss 0.00
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
- CVE-2025-31987Aug 14, 2025risk 0.00cvss —epss 0.00
HCL Connections Docs may mishandle validation of certain uploaded documents leading to denial of service due to resource exhaustion.
Page 2 of 2