CVE-2026-8485
- EPSS 0.35%
- Veröffentlicht 20.05.2026 14:17:04
- Zuletzt bearbeitet 20.05.2026 17:50:03
Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.
CVE-2026-8488
- EPSS 0.36%
- Veröffentlicht 20.05.2026 14:14:54
- Zuletzt bearbeitet 21.05.2026 19:00:39
Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.
CVE-2026-8487
- EPSS 0.28%
- Veröffentlicht 20.05.2026 14:12:03
- Zuletzt bearbeitet 21.05.2026 18:56:07
Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.
CVE-2026-8486
- EPSS 0.4%
- Veröffentlicht 20.05.2026 14:11:30
- Zuletzt bearbeitet 21.05.2026 18:54:37
Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Flooding. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.
CVE-2026-5174
- EPSS 3.24%
- Veröffentlicht 30.04.2026 15:07:21
- Zuletzt bearbeitet 04.05.2026 16:47:30
Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation. This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions p...
CVE-2026-4670
- EPSS 5.63%
- Veröffentlicht 30.04.2026 15:06:11
- Zuletzt bearbeitet 04.05.2026 18:20:39
Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass. This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0...
CVE-2024-4563
- EPSS 0.24%
- Veröffentlicht 22.05.2024 17:16:15
- Zuletzt bearbeitet 08.01.2025 19:51:35
The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit length.
CVE-2020-12677
- EPSS 1.86%
- Veröffentlicht 14.05.2020 18:15:12
- Zuletzt bearbeitet 21.11.2024 05:00:03
An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. T...