CVE-2025-52636 LOW

CVE-2025-52636: HCL AION is affected by a improper handling of uploads files Size

Vendor Hcl
Product AION
Published March 16, 2026
Last update March 16, 2026

CVSS base score

1.8/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of upload sizes may allow excessive resource consumption, which could potentially lead to service degradation or denial-of-service conditions under certain scenarios.

Key dates

02Disclosure timeline

March 16, 2026 CVE published
March 16, 2026 Record updated