CVE-2026-35146

Severity CVSS v4.0:
Pending analysis
Type:
CWE-326 Inadequate Encryption Strength
Publication date:
16/07/2026
Last modified:
16/07/2026

Description

HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user and the application.