ServiceNow has disclosed a important safety vulnerability in its AI Platform that might enable unauthenticated attackers to remotely execute code throughout the ServiceNow Sandbox surroundings.
Tracked as CVE-2026-0542, the flaw was formally printed on February 25, 2026, underneath safety advisory KB2693566.
Overview of the Vulnerability
The vulnerability exists throughout the ServiceNow AI Platform and might be exploited by an unauthenticated person underneath sure circumstances to execute arbitrary code remotely.
Whereas the assault is confined to the ServiceNow Sandbox, such execution capabilities can expose delicate workflow information, automation logic, and enterprise integrations managed by way of the platform.
ServiceNow confirmed that, as of the advisory publication date, there is no such thing as a proof of energetic exploitation towards buyer cases within the wild.
| Discipline | Particulars |
|---|---|
| CVE ID | CVE-2026-0542 |
| Advisory ID | KB2693566 |
| Severity | Important |
| Assault Kind | Distant Code Execution (RCE) |
| Authentication Required | No (Unauthenticated) |
| Affected Product | ServiceNow AI Platform |
| Exploitation within the Wild | Not detected |
| Advisory Revealed | February 25, 2026 |
Patch and Fastened Variations
ServiceNow proactively deployed a safety replace to hosted buyer cases on January 6, 2026. Patches are additionally accessible for self-hosted clients and companions.
| Launch | Fastened Model | Availability |
|---|---|---|
| Australia | TBD | Q2 2026 |
| Zurich | Patch 4 Hotfix 3b | February 23, 2026 |
| Zurich | Patch 5 | January 12, 2026 |
| Yokohama | Patch 10 Hotfix 1b | February 18, 2026 |
| Yokohama | Patch 12 | February 6, 2026 |
| Xanadu | Patch 11 Hotfix 1a | February 2, 2026 |
Organizations operating ServiceNow ought to instantly apply the related patches listed above.
Clients who participated within the January 2026 Patching Program already acquired the suitable replace. Cases that didn’t obtain a notification had been confirmed as unaffected.
Safety groups ought to confirm their present launch model and prioritize upgrading to the mounted builds, particularly for internet-accessible or externally built-in ServiceNow deployments.
Observe us on Google Information, LinkedIn, and X to Get Instantaneous Updates and Set GBH as a Most popular Supply in Google.
