CVE-2026-8486 | THREATINT

Description

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Flooding. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.

PUBLISHED Reserved 2026-05-13 | Published 2026-05-20 | Updated 2026-05-20 | Assigner ProgressSoftware

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-770 Allocation of resources without limits or throttling

Product status

Default status

unaffected

Any version before 2025.0.11

affected

2025.1.0 (semver) before 2025.1.7

affected

Credits

Airbus SecLab finder

Anaïs Gantet finder

Delphine Gourdou finder

Quentin Liddell finder

Matteo Ricordeau finder

References

docs.progress.com/...-notes-2026/page/Fixed-Issues-2026.html vendor-advisory

cve.org (CVE-2026-8486)

nvd.nist.gov (CVE-2026-8486)

Download JSON