Progress Vulnerabilities
Comprehensive security vulnerability database for Progress products
2
1
2
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-2878 | 5.9 | This vulnerability allows an attacker to tamper with uploaded files by exploiting a predictable temporary identifier used in the file upload process. It mainly affects versions of Telerik UI for AJAX before 2026.1.225, where the attacker needs to know the timestamp and filename to create a conflicting upload. | progresstelerik ui for asp.net ajax | Exploit Available | about 1 month agoFeb 25, 2026 |
| CVE-2024-1212 | 9.8 | This vulnerability allows attackers to remotely execute any command on the LoadMaster system without needing to log in. The only requirement is that they can access the management interface, making it critical for organizations to secure this access immediately. | progressloadmaster | Exploit Available | about 2 years agoFeb 21, 2024 |
About Progress Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Progress products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.