ByteOS Network

NVD Vulnerability Details :

CVE-2026-8488

Analyzed

Source-security@progress.com

Published At-20 May, 2026 | 16:16

Updated At-21 May, 2026 | 19:00

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	4.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Primary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Type: Secondary

Version: 3.1

Base score: 4.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Type: Primary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CPE Matches

Progress Software Corporation

>>moveit_automation>>Versions before 2025.0.11(exclusive)

cpe:2.3:a:progress:moveit_automation:*:*:*:*:*:*:*:*

Progress Software Corporation

>>moveit_automation>>Versions from 2025.1.0(inclusive) to 2025.1.7(exclusive)

cpe:2.3:a:progress:moveit_automation:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-770	Primary	security@progress.com

CWE ID: CWE-770

Type: Primary

Source: security@progress.com

References

Hyperlink	Source	Resource
https://docs.progress.com/bundle/moveit-automation-release-notes-2026/page/Fixed-Issues-2026.html	security@progress.com	Release Notes

Hyperlink: https://docs.progress.com/bundle/moveit-automation-release-notes-2026/page/Fixed-Issues-2026.html

Source: security@progress.com

Resource:

Release Notes

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History