CVE-2026-35146
Severity CVSS v4.0:
Pending analysis
Type:
CWE-326
Inadequate Encryption Strength
Publication date:
16/07/2026
Last modified:
16/07/2026
Description
HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user and the application.
Impact
Base Score 3.x
6.30
Severity 3.x
MEDIUM



