ServiceNow Releases Security Update After Vulnerability Used to Access Customer Instances Without Authorization


314/69 Thursday, June 11, 2026

ServiceNow has issued a security advisory after discovering that an unidentified threat actor exploited a vulnerability to gain access to certain customer ServiceNow instances with privileges exceeding those intended by the platform. The company stated that on June 5, 2026, it deployed a security update to affected hosted customer instances to address an issue that, under specific circumstances, could allow unauthenticated users to access data or functionality beyond authorized limits.

The vulnerability has not yet been assigned a CVE identifier. According to ServiceNow, the security update modified endpoint configurations to ensure that access is restricted exclusively to authenticated users. The company reported detecting suspicious activity associated with the vulnerability and found evidence that data queries had been performed against tables within a subset of customer instances. ServiceNow has notified affected customers and indicated that the issue primarily impacted customers running the Australia Platform Release or those using specific customized configurations on instances operating on releases prior to Australia.

Details of the vulnerability first surfaced on Reddit, where a user identified as “d3s7iny” claimed that their security team had originally reported the issue to ServiceNow. According to the post, the company became aware of the vulnerability on April 7, 2026, but initially classified it as a lower-priority issue scheduled for remediation in a future update. Following evidence of active exploitation, however, ServiceNow implemented security changes to restrict access and mitigate the risk.

Customers are advised to review notifications from ServiceNow, examine historical logs and instance access activity for anomalies, and assess whether any data stored in instance tables may have been accessed without authorization. Organizations should also take appropriate incident response measures to minimize potential impact and ensure the integrity of their environments.

Source: https://thehackernews.com/2026/06/servicenow-flaw-exploited-to-gain.html