ServiceNow - July 2024 vulnerabilities

Created on 2024-07-27 20:58 and updated on 2024-07-27 21:00.

Description

  • KB1648313 CVE-2024-5217 - Incomplete Input Validation in GlideExpression Script (2024-07-10)
  • KB1648312 CVE-2024-5178 - Incomplete Input Validation in SecurelyAccess API (2024-07-10)
  • KB1645154 CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow UI Macros (2024-07-10)

CVE-2024-4879 appears to be the most serious of the three, allowing RCE for unauthenticated users.

ref: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1226057

Author

Alexandre Dulaunoy