High severity8.1NVD Advisory· Published Apr 22, 2026· Updated May 5, 2026
CVE-2026-6023
CVE-2026-6023
Description
In Progress® Telerik® UI for AJAX versions 2024.4.1114 through 2026.1.421, the RadFilter control is vulnerable to insecure deserialization when restoring filter state if the state is exposed to the client. If an attacker tampers with this state, a server-side remote code execution is possible.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:progress:telerik_ui_for_asp.net_ajax:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:progress:telerik_ui_for_asp.net_ajax:*:*:*:*:*:*:*:*range: >=2024.4.1114,<2026.1.421
- (no CPE)range: >=2024.4.1114, <=2026.1.421
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.