MOVEit automation flaws could enable full system compromise
Progress fixes critical MOVEit Automation flaws, including an authentication bypass bug that could let attackers gain unauthorized access to systems. Progress Software addressed two vulnerabilities in MOVEit Automation, a critical authentication bypass flaw tracked as CVE-2026-4670 and a privilege escalation issue tracked as CVE-2026-5174. If exploited, these bugs could allow attackers to gain unauthorized access […]
Progress Software addressed two vulnerabilities in MOVEit Automation, a critical authentication bypass flaw tracked as CVE-2026-4670 and a privilege escalation issue tracked as CVE-2026-5174. If exploited, these bugs could allow attackers to gain unauthorized access or elevate privileges.
MOVEit Automation is an enterprise managed file transfer (MFT) solution developed by Progress Software. It’s designed to securely move, schedule, and automate file transfers between systems, applications, and partners, without needing custom scripts.
Related breach coverage
- Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE2026-05-06
Apache fixed several flaws in HTTP Server, including CVE-2026-23918 (CVSS score of 8.8), a double-free bug in HTTP/2 that could allow remote code execution. The Apache Software Foundation has released updates to fix multiple vulnerabilities in its HTTP Server, including CVE-2026-23918 (CVSS score of 8.8). The issue involves a “double free” error in HTTP/2 handling […]
- Cisco patches high-severity flaws enabling SSRF, code execution attacks2026-05-07
Cisco fixed several high‑severity flaws in its enterprise products, including SSRF bugs in Unity Connection that could enable code execution or service disruption. Cisco released patches for multiple high‑severity vulnerabilities affecting its enterprise products. Successful exploitation could allow code execution, server‑side request forgery (SSRF), or denial‑of‑service attacks. Two notable flaws, CVE‑2026‑20034 and CVE‑2026‑20035, impact Cisco […]
- Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild2026-05-08
Dirty Frag: unpatched Linux kernel flaw grants root access on Ubuntu, RHEL and Fedora. A working exploit is already public. Security researchers have disclosed a new unpatched vulnerability in the Linux kernel, code-named Dirty Frag, that allows an unprivileged local user to gain full root access on most major Linux distributions, including Ubuntu, RHEL, Fedora, […]
- Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server2026-05-05
The most severe of these security defects could allow remote attackers to execute arbitrary code. The post Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server appeared first on SecurityWeek.