CVE-2025-31985 | HCL BigFix Service Management 23 Header X-Content-Type-Options access control (KB0128144)

Inserito da Angelo Barbosa | Mag 20, 2026 | CVE

A vulnerability identified as critical has been detected in HCL BigFix Service Management 23. This issue affects some unknown processing of the component Header Handler. Performing a manipulation of the argument X-Content-Type-Options results in improper access controls.

This vulnerability was named CVE-2025-31985. The attack may be initiated remotely. There is no available exploit.

CVE-2025-31985 | HCL BigFix Service Management 23 Header X-Content-Type-Options access control (KB0128144)

Post correlati

CVE-2026-8777 | Edimax BR-6428NS 1.10 POST Request /goform/formStaDrvSetup stadrv_ssid command injection

CVE-2025-3811 | WPBookit Plugin up to 1.0.2 on WordPress edit_newdata_customer_callback resource injection

CVE-2026-43003 | OpenStack ironic-python-agent up to 11.5.0 Ironic Python Agent inclusion of functionality from untrusted control sphere

CVE-2024-29316 | NodeBB 3.6.7 access control