ServiceNow hosted customer instances API endpoint access-control security update
Security Patch Release
Summary
Hide ▲
Show ▼
ServiceNow applied a security update to hosted customer instances on June 5, 2026 to fix an API endpoint access-control issue. The update changed the endpoint so that only authenticated users can access it, reducing the risk of unauthorized access. The affected scope is limited to specific hosted tenants rather than the whole platform. ServiceNow is still evaluating whether to assign a CVE.
Related Happenings
ServiceNow hit by network compromise
Incident
H score25
First: 10.06.2026 10:02
Last: 10.06.2026 10:02
Sources 1
How related:
ServiceNow also confirmed that attackers exploited this flaw to successfully query the customer instance tables.
About this happening:
ServiceNow disclosed an **unauthorized access incident** affecting **hosted customer instances**, with evidence that attackers made **successful queries of instance tables** again...
ServiceNow hit by network compromise
IncidentHow related: ServiceNow also confirmed that attackers exploited this flaw to successfully query the customer instance tables.
About this happening: ServiceNow disclosed an **unauthorized access incident** affecting **hosted customer instances**, with evidence that attackers made **successful queries of instance tables** again...
ServiceNow AI Platform patch release for CVE-2025-12420
Security Patch Release
H score34
First: 13.01.2026 13:47
Last: 13.01.2026 13:47
Sources 1
About this happening:
**ServiceNow** released a **security update** for **CVE-2025-12420**, a **critical** flaw in its **ServiceNow AI Platform** that could let an **unauthenticated user** impersonate...
ServiceNow AI Platform patch release for CVE-2025-12420
Security Patch ReleaseAbout this happening: **ServiceNow** released a **security update** for **CVE-2025-12420**, a **critical** flaw in its **ServiceNow AI Platform** that could let an **unauthenticated user** impersonate...
Timeline
-
10.06.2026 00:34 2 articles · 29d ago
ServiceNow applies a security update to hosted customer instances
Mitigation Patch UpdateServiceNow applied a security update to hosted customer instances and changed the vulnerable API endpoint so only authenticated users can access it, addressing an unauthenticated access issue that could allow greater access than intended.
Show sources
- ServiceNow discloses security incident exposing customer data — www.bleepingcomputer.com — 10.06.2026 00:34
- ServiceNow discloses security incident exposing customer data — www.bleepingcomputer.com — 10.06.2026 00:34
-
10.06.2026 00:34 1 articles · 29d ago
ServiceNow confirms customer instance table queries through a vulnerable API endpoint
Initial DisclosureServiceNow warned impacted customers after detecting anomalous activity tied to an unauthenticated access flaw in a vulnerable API endpoint, and confirmed attackers used the issue to query customer instance tables. The company opened support cases with affected customers and said the issue mainly affects customers on the Australia platform release or older releases with certain configuration changes.
Show sources
- ServiceNow discloses security incident exposing customer data — www.bleepingcomputer.com — 10.06.2026 00:34