VYPR
Critical severity9.8NVD Advisory· Published Apr 30, 2026· Updated May 4, 2026

CVE-2026-4670

CVE-2026-4670

Description

Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass.

This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.

Affected products

2
  • cpe:2.3:a:progress:moveit_automation:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:progress:moveit_automation:*:*:*:*:*:*:*:*range: <2024.1.8
    • (no CPE)range: >=2025.0.0 <2025.0.9, >=2024.0.0 <2024.1.8, <2024.0.0

Patches

Vulnerability mechanics

References

1

News mentions

7