Known Vulnerabilities for products from Progress

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Progress".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-48821 json Not Provided 2026-06-17 2026-06-17
CVE-2026-47270 json Not Provided 2026-05-27 2026-05-28
CVE-2026-47066 json Not Provided 2026-05-25 2026-05-26
CVE-2026-46705 json Not Provided 2026-06-10 2026-06-11
CVE-2026-46311 json Not Provided 2026-06-08 2026-06-14
CVE-2026-45855 json Not Provided 2026-05-27 2026-05-27
CVE-2026-44505 json Not Provided 2026-06-10 2026-06-10
CVE-2026-43296 json Not Provided 2026-05-08 2026-05-11
CVE-2026-39834 json Not Provided 2026-05-22 2026-05-22
CVE-2026-33702 json Not Provided 2026-04-10 2026-04-13
CVE-2026-8488 json Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Al... Not Provided 2026-05-20 2026-05-21
CVE-2026-8487 json Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. ... Not Provided 2026-05-20 2026-05-21
CVE-2026-8486 json Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Flooding. T... Not Provided 2026-05-20 2026-05-21
CVE-2026-8485 json Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue ... Not Provided 2026-05-20 2026-05-20
CVE-2026-7312 json CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, a... Not Provided 2026-06-02 2026-06-04
CVE-2026-7201 json CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.... Not Provided 2026-06-02 2026-06-04
CVE-2026-7198 json CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenti... Not Provided 2026-06-02 2026-06-04
CVE-2026-7195 json CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0... Not Provided 2026-06-02 2026-06-04
CVE-2026-6023 json In Progress® Telerik® UI for AJAX versions 2024.4.1114 through 2026.1.421, the RadFilter control is vulnerable to insecure ... Not Provided 2026-04-22 2026-05-05
CVE-2026-6022 json In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnera... Not Provided 2026-04-22 2026-05-05
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Progress

Type Vendor Product Version
ApplicationProgress4gl Compiler-
ApplicationProgressDatabase-
ApplicationProgressFiddler2.2.9.4
ApplicationProgressIpswitch Ws Ftp Server1.0.1
ApplicationProgressIpswitch Ws Ftp Server With Ssh6.1.0
ApplicationProgressKendo Ui2011.2.804
ApplicationProgressMoveit Automation2018.0
ApplicationProgressMoveit Transfer-
ApplicationProgressObjectstore-
ApplicationProgressOpenedge-
ApplicationProgressSitefinity10.0
ApplicationProgressSitefinity Cms10.0
ApplicationProgressTelerik Extensions For Asp.net Mvc-
ApplicationProgressTelerik Reporting10.0.16.113
ApplicationProgressWebspeed-
ApplicationProgressWebspeed Messenger-
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report