Critical MOVEit Automation auth bypass vulnerability fixed (CVE-2026-4670)
Progress Software has fixed a critical authentication bypass (CVE-2026-4670) and a privilege escalation (CVE-2026-5174) vulnerability in MOVEit Automation, exploitation of which “may lead to unauthorized access, administrative control, and data exposure.” The vulnerabilities were reported privately
ORIGINAL SOURCE →via Help Net Security
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Ransomware group claims breach of pro-Orbán Hungarian media firm
- [CYBER] Up to 700,000 daily cyberattacks from Iran-linked hackers, UAE warns
- [CYBER] Critical vulnerability in cPanel leads to widespread exploitation
- [CYBER] CVE-2026-40563 - Apache Atlas: Script injection allows access to unintended data
- [CYBER] CVE-2026-6501 - ILM Informatique jOpenDocument XML External Entity Reference Vulnerability
- [CYBER] CVE-2026-6500 - ILM Informatique OpenConcerto Password Storage Vulnerability