{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T21:38:14.599","vulnerabilities":[{"cve":{"id":"CVE-2026-0542","sourceIdentifier":"psirt@servicenow.com","published":"2026-02-25T21:16:36.147","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform.  This vulnerability could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow Sandbox.   \n\n\n\n\n\nServiceNow addressed this vulnerability by deploying a security update to hosted instances. Relevant security updates also have been provided to ServiceNow self-hosted customers and partners. Further, the vulnerability is addressed in the listed patches and hot fixes. While we are not currently aware of exploitation against customer instances, we recommend customers promptly apply appropriate updates or upgrade if they have not already done so."},{"lang":"es","value":"ServiceNow ha abordado una vulnerabilidad de ejecución remota de código que fue identificada en la plataforma de IA de ServiceNow. Esta vulnerabilidad podría permitir a un usuario no autenticado, en ciertas circunstancias, ejecutar código dentro del sandbox de ServiceNow.\n\nServiceNow abordó esta vulnerabilidad desplegando una actualización de seguridad en las instancias alojadas. Las actualizaciones de seguridad relevantes también se han proporcionado a los clientes y socios de ServiceNow con autoalojamiento. Además, la vulnerabilidad se aborda en los parches y hot fixes listados. Si bien no tenemos conocimiento actual de explotación contra instancias de clientes, recomendamos a los clientes aplicar rápidamente las actualizaciones apropiadas o actualizar si aún no lo han hecho."}],"metrics":{"cvssMetricV40":[{"source":"psirt@servicenow.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.2,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"psirt@servicenow.com","type":"Secondary","description":[{"lang":"en","value":"CWE-653"}]}],"references":[{"url":"https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2693566","source":"psirt@servicenow.com"}]}}]}