CVE-2026-21836 — The HCL DominoIQ RAG feature is affected by a Broken Access Control vulnerability. Under certain circumstances, document level access restrictions will be ignored when determining what data to return — CVE Database · The Intelligence Room