ServiceNow Unauthorized Access Vulnerability Enabled Unauthorized Customer Data Access
Executive Summary On 9 June 2026, ServiceNow disclosed an incident in which unknown threat actors exploited a flaw to gain deeper unauthorized access to susceptible customer instances. On 5 June 2026, ServiceNow applied a security update to hosted customer instances to address an issue that could allow an unauthenticated user, under certain circumstances, to gain greater access to ServiceNow instances…
Read More