ServiceNow customers are facing heightened security concerns following the disclosure of a significant vulnerability that was actively exploited by threat actors to gain unauthorized access to customer instances. The enterprise cloud computing company, which provides digital workflow solutions for numerous Fortune 500 companies, has revealed that attackers leveraged a previously unknown flaw to bypass authentication measures and access sensitive data within their platform.

According to a recent advisory from ServiceNow, the company identified and addressed the security issue on June 5, 2026, when they deployed an emergency security update across all hosted customer instances. The vulnerability specifically allowed unauthenticated attackers to escalate their privileges and potentially access confidential information stored within affected ServiceNow deployments. While the full technical details remain limited to protect customers who may not have yet applied the patch, the confirmation of active exploitation indicates the severity of this situation.

Organizations utilizing ServiceNow