CVE-2025-31959

Published: Mag 06, 2026 Last Modified: Mag 06, 2026

ExploitDB:

Other exploit source:

Google Dorks:

LOW 3,5

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: required

Scope: unchanged

Confidentiality: low

Integrity: none

Availability: none

Description

AI Translation Available

HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentionally shared. .

1230

Exposure of Sensitive Information Through Metadata

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality

Potential Impacts:

Read Application Data

Applicable Platforms

All platforms may be affected

View CWE Details

https://support.hcl-software.com/csm?id=kb_article&sysparm_…

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144

CVE-2025-31959

Description

Exposure of Sensitive Information Through Metadata

Common Consequences

Applicable Platforms

Iscriviti alla newsletter