CVE-2026-8485 | THREATINT

Description

Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.

PUBLISHED Reserved 2026-05-13 | Published 2026-05-20 | Updated 2026-05-20 | Assigner ProgressSoftware

MEDIUM: 5.9CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-789 Uncontrolled Memory Allocation

Product status

Default status

unaffected

Any version before 2025.0.11

affected

2025.1.0 (semver) before 2025.1.7

affected

Credits

Airbus SecLab finder

Anaïs Gantet finder

Delphine Gourdou finder

Quentin Liddell finder

Matteo Ricordeau finder

References

docs.progress.com/...-notes-2026/page/Fixed-Issues-2026.html vendor-advisory

cve.org (CVE-2026-8485)

nvd.nist.gov (CVE-2026-8485)

Download JSON