SecAlerts
CVE ListPricingSign Up
Progress logo

Progress

Security Risk Profile

64
/100
high

Security Risk Score

Comprehensive risk assessment based on 268 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from January 2, 1999 to present

268
Total CVEs
198
Critical+High
13
Exploited
167
Unpatched

Threat Assessment

Avg CVSS
7.9
Base severity
Avg EPSS
3%
Exploit probability
Unpatched
167
Critical/High
Risk Level
64/100
high
⚠️ 13 Active Exploits 9 Zero-Days📈 10 in Last 30 Days

Severity Distribution

Critical
60
High
138
Medium
61
Low
0

Exploit Likelihood

>50% chance
2
20-50%
0
5-20%
1
<5%
63

Age Distribution

Common Weaknesses (CWE)

1
XSS
39
2
SQL Injection
27
3
Command Injection
24
4
OS Command Injection
23
5
Buffer Overflow
17

Most Affected Products

1. Progress MOVEit Transfer113
2. Progress Sitefinity112
3. Progress Ws Ftp Server90
4. Progress WhatsUp Gold74
5. Progress Ipswitch Ws Ftp Server73

Recent Vulnerabilities

See more →
CVE-2026-8037
CVSS 9.6critical

OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

6/4/2026🔧 No Patch
CVE-2026-7313
CVSS 8.7high

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity

6/2/2026🔧 No Patch
CVE-2026-7312
CVSS 10.0critical

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity

6/2/2026🔧 No Patch
CVE-2026-7201
CVSS 8.8high

CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity

6/2/2026🔧 No Patch
CVE-2026-7198
CVSS 9.8critical

CWE-284: Improper Access Control in web services in Progress Sitefinity

6/2/2026🔧 No Patch
CVE-2026-7195
CVSS 8.8high

CWE-20: Improper Input Validation in web services in Progress Sitefinity

6/2/2026🔧 No Patch
CVE-2026-8488
CVSS 7.5EPSS 0%high

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation

5/20/2026🔧 No Patch
CVE-2026-8487
CVSS 7.5EPSS 0%high

Incorrect default permissions vulnerability in Progress Software MOVEit Automation

5/20/2026🔧 No Patch
CVE-2026-8486
CVSS 7.5EPSS 0%high

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation

5/20/2026🔧 No Patch
CVE-2026-8485
CVSS 7.5EPSS 0%high

Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation

5/20/2026🔧 No Patch

Monitor Progress in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.