CVE-2026-3517 | Progress LoadMaster prior 7.2.63.0 API command injection

A vulnerability classified as critical was found in Progress LoadMaster, ECS Connections Manager, Object Scale Connection Manager and MOVEit WAF. Affected is an unknown function of the component API. The manipulation results in command injection.

This vulnerability is reported as CVE-2026-3517. The attacker must have access to the local network to execute the attack. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More