Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

CVE-2026-6875: Vulnerability in ServiceNow ServiceNow AI Platform

0
Critical
VulnerabilityCVE-2026-6875cvecve-2026-6875
Published: 07/13/2026 (07/13/2026, 18:17:27 UTC)
Source: CVE Database V5
Vendor/Project: ServiceNow
Product: ServiceNow AI Platform

Description

ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform. This vulnerability could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow platform. ServiceNow addressed this vulnerability by deploying a security update to hosted instances. Relevant security updates have also been provided to ServiceNow self-hosted customers and partners. Further, the vulnerability is addressed in the listed patches and family releases, which have been made available to hosted and self-hosted customers, as well as partners. We are not currently aware of exploitation against ServiceNow instances. We recommend customers promptly apply appropriate updates or upgrade to a patched release if they have not already done so.

CVSS v4.0

Score 9.5critical

Attack Vector
Network
Attack Complexity
High
Attack Requirements
None
Privileges Required
None
User Interaction
None
Vuln. Confidentiality
High
Vuln. Integrity
High
Vuln. Availability
High
Subsq. Confidentiality
High
Subsq. Integrity
High
Subsq. Availability
High
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/13/2026, 18:47:30 UTC

Technical Analysis

CVE-2026-6875 is a remote code execution vulnerability affecting the ServiceNow AI Platform. It permits unauthenticated users to execute code within the platform under specific circumstances. ServiceNow has addressed this issue by deploying security updates to its cloud-hosted instances and distributing patches to self-hosted customers and partners. The vendor manages remediation for the cloud service, and no active exploitation has been observed to date.

Potential Impact

Successful exploitation could allow an unauthenticated attacker to execute arbitrary code on the ServiceNow platform, potentially compromising the confidentiality, integrity, and availability of the affected system. Given the critical CVSS score of 9.5, the impact is severe. However, there are no reports of exploitation in the wild at this time.

Mitigation Recommendations

ServiceNow has deployed security updates to hosted instances and provided patches to self-hosted customers and partners. The vendor manages remediation for the cloud-hosted service. Customers should promptly apply the appropriate updates or upgrade to a patched release if they have not already done so. Patch status is confirmed as available.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Data Version
5.2
Assigner Short Name
SN
Date Reserved
2026-04-22T18:21:24.368Z
Cvss Version
4.0
State
PUBLISHED
Remediation Level
null
Is Cloud Service
true

Threat ID: 6a552f7368715ace43a5ecee

Added to database: 07/13/2026, 18:33:23 UTC

Last enriched: 07/13/2026, 18:47:30 UTC

Last updated: 07/14/2026, 03:15:35 UTC

Views: 89

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses