CVE-2026-8487
published 2026-05-20CVE-2026-8487: Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. This issue affects MOVEit…
PriorityP344high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.28%
19.7th percentile
Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data.
This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| progress | moveit_automation | < 2025.0.11 | 2025.0.11 |
| progress | moveit_automation | >= 2025.1.0 < 2025.1.7 | 2025.1.7 |
| progress_software | moveit_automation | < 2025.0.11 | 2025.0.11 |
| progress_software | moveit_automation | >= 2025.1.0 < 2025.1.7 | 2025.1.7 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-58jp-6f6m-4v4f: Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data
ghsa_unreviewed·2026-05-20
CVE-2026-8487 [MEDIUM] CWE-276 GHSA-58jp-6f6m-4v4f: Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data
Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data.
This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.
VulDB
Progress MOVEit Automation up to 2025.0.10/2025.1.6 default permission
vuldb·2026-05-20·CVSS 6.5
CVE-2026-8487 [MEDIUM] Progress MOVEit Automation up to 2025.0.10/2025.1.6 default permission
A vulnerability labeled as critical has been found in Progress MOVEit Automation up to 2025.0.10/2025.1.6. Affected by this vulnerability is an unknown functionality. Such manipulation leads to incorrect default permissions.
This vulnerability is uniquely identified as CVE-2026-8487. The attack can be launched remotely. No exploit exists.
The affected component should be upgraded.
No detection rules found.
No public exploits indexed.
2026-05-20
Published