CVE-2026-3518 | Progress LoadMaster prior 7.2.63.0 API command injection

A vulnerability, which was classified as critical, has been found in Progress LoadMaster, ECS Connections Manager, Object Scale Connection Manager and MOVEit WAF. Affected by this vulnerability is an unknown functionality of the component API. This manipulation causes command injection.

This vulnerability appears as CVE-2026-3518. The attacker needs to be present on the local network. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More