Critical severity9.8NVD Advisory· Published Apr 30, 2026· Updated May 4, 2026
CVE-2026-4670
CVE-2026-4670
Description
Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass.
This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.
Affected products
1- cpe:2.3:a:progress:moveit_automation:*:*:*:*:*:*:*:*Range: <2024.1.8
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
2- 11th May – Threat Intelligence ReportCheck Point Research · May 11, 2026
- Critical MOVEit Automation auth bypass vulnerability fixed (CVE-2026-4670)Help Net Security · May 4, 2026