Auth bypass in Progress Software Flowmon

CVE-2026-8079

In Progress Flowmon versions prior to 12.5.9 and 13.0.11, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the PDF generation process that results in operations being performed with the privile…

Vulnerability class: Broken Access Control

Affected products

  • Progress Software Flowmon — versions Flowmon 12 versions prior to 12.5.9, Flowmon 13 versions prior to 13.0.11, Flowmon 13 versions prior to 13.0.10

Weakness classification (CWE)

References