CVE-2026-8801

Summary

Path equivalence: vulnerability in Progress MOVEit Transfer (File Upload modules).

This issue affects MOVEit Transfer: before 2025.0.8, from 2025.1.0 before 2025.1.4.

Affected Software

VendorProductVersion RangeStatus
ProgressMOVEit Transfer2025.1.0 < 2025.1.4affected
ProgressMOVEit Transfer0 < 2025.0.8affected

Weaknesses

  • CWE-46: CWE-46 Path equivalence: 'filename ' (trailing space)

References