Excessive Memory Allocation Vulnerability in Progress MOVEit Automation
CVE-2026-8485

5.9MEDIUM

Key Information:

Vendor: Progress Software
Status: Moveit Automation
Vendor: CVE Published:; 20 May 2026

🔔 Create Progress Software Vulnerability Alert

What is CVE-2026-8485?

An uncontrolled memory allocation vulnerability exists in Progress Software's MOVEit Automation, allowing for excessive allocation of memory. This could potentially lead to degraded system performance and stability issues, impacting the overall functionality of the application in specific versions.

Affected Version(s)

MOVEit Automation 0 < 2025.0.11

MOVEit Automation 2025.1.0 < 2025.1.7

References

https://docs.progress.com/bundle/moveit-automation-releas...

vendor-advisory

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
May 13, 2026

Credit

Airbus SecLab

Anaïs Gantet

Delphine Gourdou

Quentin Liddell

Matteo Ricordeau

CVE-2026-8485 Data

JSON