Automation

automation

Vendor: Nintex • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-27926 1Nintex 1Automation Jan 29, 2026 Mar 10, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.
CVE-2025-27925 1Nintex 1Automation Jan 29, 2026 Mar 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input.
CVE-2025-27924 1Nintex 1Automation Jan 30, 2026 Mar 10, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to a URL" action.