Resource Allocation Flaw in MOVEit Automation by Progress Software
CVE-2026-8486

5.3MEDIUM

Key Information:

Vendor: Progress Software
Status: Moveit Automation
Vendor: CVE Published:; 20 May 2026

🔔 Create Progress Software Vulnerability Alert

What is CVE-2026-8486?

The resource allocation flaw in MOVEit Automation from Progress Software allows for the consumption of system resources without adequate limits or throttling measures. This could lead to flooding, potentially affecting the overall performance and stability of the software. Affected versions include those prior to 2025.0.11 and from 2025.1.0 to before 2025.1.7. Immediate action is recommended to mitigate risk and ensure secure operations.

Affected Version(s)

MOVEit Automation 0 < 2025.0.11

MOVEit Automation 2025.1.0 < 2025.1.7

References

https://docs.progress.com/bundle/moveit-automation-releas...

vendor-advisory

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
May 13, 2026

Credit

Airbus SecLab

Anaïs Gantet

Delphine Gourdou

Quentin Liddell

Matteo Ricordeau

CVE-2026-8486 Data

JSON