Vulnerability  ·  2026-07-14

ServiceNow AI Platform Sandbox Escape Enables Unauthenticated Remote Code Execution

VulnerabilityHigh impactGlobalCVE-2026-6875
ServiceNow disclosed and patched a critical (CVSS 9.5) remote code execution vulnerability in the ServiceNow AI Platform. The flaw allows an unauthenticated user, under certain circumstances, to escape the platform's AI sandbox isolation and execute code within the ServiceNow environment. Confirmed via direct fetch of both the NVD entry and ServiceNow's own KB3137947 advisory, both dated 2026-07-13.
ServiceNow AI Platform is deployed broadly across enterprise IT service management, workflow automation, and AI-driven agent workflows. A sandbox escape in the AI execution environment could let an unauthenticated attacker pivot from an isolated AI code-execution context to the underlying platform, exposing sensitive organizational data, automation logic, and integration credentials across a widely-used enterprise SaaS platform.
An unauthenticated attacker sends crafted requests to the ServiceNow AI Platform's sandbox component (CWE-653, Improper Isolation/Compartmentalization) to break out of the intended AI code-execution sandbox and execute arbitrary code within the platform, in certain circumstances without authentication.
ServiceNow AI Platform (hosted, self-hosted, and partner-hosted instances)
ServiceNow has deployed a security update to hosted instances; self-hosted customers and partners should apply the corresponding security update per ServiceNow KB3137947.
NVD - CVE-2026-6875ServiceNow KB3137947 - CVE-2026-6875 Sandbox Escape in ServiceNow AI Platform
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →