CVE-2025-31995NVD

Vulnerability Summary

HCL Unica MaxAI Workbench is vulnerable to improper input validation. This allows attackers to exploit vulnerabilities such as SQL Injection, XSS, or command injection, leading to unauthorized access or data breaches, etc.

Severity Level

LOW(3.5)

Published Date

Oct 13, 2025

Last Modified

Oct 13, 2025

Exploitation Status

No confirmed exploitation yet

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-20: Improper Input Validation ↗

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required.

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredLow

User InteractionRequired

ScopeUnchanged

ConfidentialityNone

IntegrityLow

AvailabilityNone

External References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124425

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2025-31995NVD

Vulnerability Summary

External References