Multiple vulnerabilities in HCL BigFix Compliance (Ruby) allowing code execution, security bypass, data manipulation, information disclosure, and denial of service

72% confidence

Description

Multiple vulnerabilities in HCL BigFix Compliance (Ruby) can be exploited by an attacker to execute arbitrary code, bypass security measures, manipulate data, disclose confidential information, or cause a denial-of-service condition.

Affected Products

Vendor	Product	Versions
hcl	bigfix compliance (ruby)	—

Related News (1 articles)

Tier B

BSI Advisories3h ago

[NEU] [hoch] HCL BigFix Compliance (Ruby): Mehrere Schwachstellen

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

PublishedJun 29, 2026

Last enriched3h ago

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2025-15619EXP

HCL Connections is vulnerable to broken access control

Trending: 21

HIGHCVE-2025-59868

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to sensitive data exposure

Trending: 18

HIGHCVE-2023-37524

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service

Trending: 15

MEDIUMCVE-2026-21768

HCL Verse for Android is susceptible to an injection vulnerability

Trending: 8

LOWCVE-2025-62340EXP

HCL iControl was affected by Inadequate Session Timeout vulnerability

Trending: 6

Pin to Dashboard

Verification

State: reported

Confidence: 72%

Vulnerability Timeline

CVE Published

Jun 29, 2026

Discovered by ZDM

Jun 29, 2026