progress software

Top products

The 15 most recently published vulnerabilities affecting progress software.

• CVE-2026-8037OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF9.6Jun 4, 2026
• CVE-2026-7313CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity8.7Jun 2, 2026
• CVE-2026-7312CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity10.0Jun 2, 2026
• CVE-2026-7201CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity8.8Jun 2, 2026
• CVE-2026-7198CWE-284: Improper Access Control in web services in Progress Sitefinity9.8Jun 2, 2026
• CVE-2026-7195CWE-20: Improper Input Validation in web services in Progress Sitefinity8.8Jun 2, 2026
• CVE-2026-8488Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation4.3May 20, 2026
• CVE-2026-8487Incorrect default permissions vulnerability in Progress Software MOVEit Automation6.5May 20, 2026
• CVE-2026-8486Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation5.3May 20, 2026
• CVE-2026-8485Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation5.9May 20, 2026
• CVE-2026-5174Improper Access Control Vulnerability in Progress MOVEit Automation7.7Apr 30, 2026
• CVE-2026-4670Improper Authentication vulnerability in Progress MOVEit Automation9.8Apr 30, 2026
• CVE-2026-6023Deserialization of Untrusted Data Vulnerability in Telerik UI for ASP.NET AJAX8.1Apr 22, 2026
• CVE-2026-6022Uncontrolled Resource Consumption Vulnerability in Telerik UI for ASP.NET AJAX7.5Apr 22, 2026
• CVE-2026-4048OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF8.4Apr 20, 2026