CVE Tools
Back to feed
The Hacker News ·EN News source

Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

By The Hacker News··2 min read
CVE Tools coverage

A critical Progress Kemp LoadMaster vulnerability is being actively exploited, with eSentire reporting targeting of CVE-2026-8037 (CVSS 9.6). The issue is an OS command injection in a pre-auth API path that can allow unauthenticated attackers to achieve arbitrary code execution on vulnerable appliances. Although observed exploitation attempts reportedly failed and did not progress further, the availability of proof-of-concept details may accelerate real-world attacks.