HCL Sametime iOS App Leaks User Hostname Information

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

3.3

HCL Sametime iOS App Leaks User Hostname Information

CVE-2026-21786

Summary

The HCL Sametime iOS app stores user hostnames in logs and URLs, potentially exposing sensitive information. This could allow unauthorized access to user information. To protect yourself, update to the latest version of the app.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
hcltech	sametime	<= 12.0.26	–

Original title

HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URLs.

Original description

HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URLs.

nvd CVSS3.1 3.3

Vulnerability type

CWE-532 Insertion of Sensitive Information into Log File

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128949

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026