VYPR

Moveit Automation

by Progress (organisation)

CVEs (8)

  • CVE-2026-4670CriApr 30, 2026
    risk 0.64cvss 9.8epss 0.06

    Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass. This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.

  • CVE-2026-5174HigApr 30, 2026
    risk 0.50cvss 7.7epss 0.03

    Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation. This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.

  • CVE-2026-8487MedMay 20, 2026
    risk 0.42cvss 6.5epss 0.00

    Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.

  • CVE-2026-8485MedMay 20, 2026
    risk 0.38cvss 5.9epss 0.00

    Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.

  • CVE-2026-8486MedMay 20, 2026
    risk 0.34cvss 5.3epss 0.00

    Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Flooding. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.

  • CVE-2026-8488MedMay 20, 2026
    risk 0.28cvss 4.3epss 0.00

    Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.

  • CVE-2024-4563May 22, 2024
    risk 0.00cvss epss 0.00

    The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit length.

  • CVE-2020-12677May 14, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0…