CVE-2026-35148
HCL DFXServer is affected by a Missing Access Control vulnerability (CVE-2026-35148). The issue allows certain endpoints to be accessed without authentication in another browser, enabling any network user to invoke APIs without verification of identity or authorization. CVSS v3.1 base score: 6.3 ...