Home
HIGH: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HDefault status
unaffected
2025.0.0 (semver) before 2025.0.8
affected
2025.1.0 (semver) before 2025.1.4
affected
2026.0.0 (semver) before 2026.0.1
affected
Description
Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer (Custom Reports modules). This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1.
Problem types
CWE-401 Missing release of memory after effective lifetime
Product status
2025.0.0 (semver) before 2025.0.8
2025.1.0 (semver) before 2025.1.4
2026.0.0 (semver) before 2026.0.1
References
community.progress.com/...itical-Security-Bulletin-June-2026