Vulnerability in Progress Flowmon ADS Affects Network Monitoring Solutions
CVE-2026-2514

8.6HIGH

Key Information:

Vendor: Progress Software
Status: Flowmon Ads
Vendor: CVE Published:; 12 March 2026

🔔 Create Progress Software Vulnerability Alert

What is CVE-2026-2514?

A flaw in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3 allows attackers with access to Flowmon monitoring ports to craft malicious network data. When this data is processed by Flowmon ADS and displayed to an authenticated user, it can trigger unintended actions in that user's browser context, potentially leading to exploitation of the system.

Affected Version(s)

Flowmon ADS Flowmon ADS 12 versions prior to 12.5.5

Flowmon ADS Flowmon ADS 13 versions prior to 13.0.3

References

https://community.progress.com/s/article/CVE-2026-2514-Pr...

vendor-advisory

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2026
Vulnerability Reserved
Feb 14, 2026

CVE-2026-2514 Data

JSON