ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances.

“On June 5, 2026, ServiceNow applied a security update to hosted customer instances,” the company revealed in an advisory that requires customer access. “The update concerned a security issue that could allow an unauthenticated user, in