Progress Software's ADC products have critical vulnerabilities that allow authenticated attackers with specific permissions to execute arbitrary commands.

🚨 EUVD-2026-23858 📊 Score: 8.4/10 (CVSS v3.1) 📦 Product: MOVEit WAF, Object Scale Connection Manager, LoadMaster (+1 more) 🏢 Vendor: Progress Software 📅 Updated: 2026-04-20 📝 OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “VS Administration” permissions to execute arbitrary commands o... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23858 #cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-23857 📊 Score: 8.4/10 (CVSS v3.1) 📦 Product: LoadMaster, MOVEit WAF, Object Scale Connection Manager (+1 more) 🏢 Vendor: Progress Software 📅 Updated: 2026-04-20 📝 OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMast... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23857 #cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-23856 📊 Score: 8.4/10 (CVSS v3.1) 📦 Product: LoadMaster, ECS Connections Manager, MOVEit WAF (+1 more) 🏢 Vendor: Progress Software 📅 Updated: 2026-04-20 📝 OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the L... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23856 #cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-23895 📊 Score: 6.7/10 (CVSS v3.1) 📦 Product: PowerProtect Data Domain, PowerProtect Data Domain 🏢 Vendor: Dell 📅 Updated: 2026-04-20 📝 Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS command injection vulnerability. A high privileged attacker with remote acces... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23895 #cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-23906 📊 Score: 6.7/10 (CVSS v3.1) 📦 Product: PowerProtect Data Domain, PowerProtect Data Domain 🏢 Vendor: Dell 📅 Updated: 2026-04-20 📝 Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary comman... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23906 #cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-24079 📊 Score: 8.7/10 (CVSS v3.1) 📦 Product: Router QN-I-470 🏢 Vendor: Quantum Networks 📅 Updated: 2026-04-21 📝 This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands ... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-24079 #cybersecurity #infosec #euvd #cve #vulnerability