CVE Catalog

CVE-2026-57912

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Summary

The vulnerability in Johnson & Johnson Campus Recruiting before October 31, 2025 allows unauthorized viewing of data provided by recruited students and notes entered about students by interviewers.

Risk Assessment

The risk involves leakage of sensitive student data and confidential recruiter notes, potentially violating candidate privacy and data protection regulations.

Recommendation

Immediately update the system to the version from October 31, 2025 or later, and conduct an access audit to detect any potential breaches.

Original NVD description (English source)

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS