{"uuid": "562ae401-f4c3-4c6a-8e26-ecc91fb5c0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-21837", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116696326209405668", "content": "\u26a0\ufe0f CVE-2026-21837 (HIGH, CVSS 8.7): OS command injection in HCLSoftware Digital Experience 9.5 (Digital Asset Mgmt API). No patch yet. Restrict API access & validate inputs. No active exploits reported. https://radar.offseq.com/threat/cve-2026-21837-cwe-78-improper-neutralization-of-s-1a211ebe #OffSeq #Vulnerability #InfoSec", "creation_timestamp": "2026-06-05T07:30:27.282761Z"}