High severity7.5NVD Advisory· Published Apr 22, 2026· Updated May 5, 2026
CVE-2026-6022
CVE-2026-6022
Description
In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:progress:telerik_ui_for_asp.net_ajax:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:progress:telerik_ui_for_asp.net_ajax:*:*:*:*:*:*:*:*range: <2026.1.421
- (no CPE)range: <=2026.1.421
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.