CVE-2026-3519 | Progress LoadMaster prior 7.2.63.0 API command injection

A vulnerability, which was classified as critical, was found in Progress LoadMaster, ECS Connections Manager, Object Scale Connection Manager and MOVEit WAF. Affected by this issue is some unknown functionality of the component API. Such manipulation leads to command injection.

This vulnerability is traded as CVE-2026-3519. Access to the local network is required for this attack to succeed. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More