CVE-2025-27924 — CVSS 5.4 (medium): Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to a URL" action.
CVE-2025-27926 — CVSS 4.3 (medium): In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords…