ServiceNow Fixes Critical RCE Vulnerability in AI Platform

📌 ServiceNow disclosed a critical unauthenticated remote code execution (RCE) vulnerability in its AI Platform, tracked as CVE-2026-0542. The flaw was mitigated within a sandbox environment and has been addressed through patches and hotfixes released between January and February 2026. The company published an advisory detailing the affected updates. No specific impact beyond the RCE risk was described, though the vulnerability required no authentication for exploitation. The correction applies to ServiceNow’s AI Platform components.