CVE-2026-21826

MEDIUM

6.1CVSS v3

—CVSS v2

0.03% EPSS (exploit probability)

CWE-601CWE

Description

HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection. An attacker can manipulate the Host header and cause the application to behave in unexpected ways.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE