Monetary Authority

**Name of the Vulnerable Software and Affected Versions** Telerik UI for AJAX versions prior to 2026.1.421 **Description** RadAsyncUpload contains an uncontrolled resource consumption issue. This occurs because of missing cumulative size enforcement during chunk reassembly, which allows file uploads to exceed the configured maximum size, potentially leading to disk space exhaustion. **Recommendations** Update to version 2026.1.421.

**Name of the Vulnerable Software and Affected Versions** Telerik UI for AJAX versions prior to 2026.1.225 **Description** RadAsyncUpload contains an issue where a predictable temporary identifier is generated based on the timestamp and filename. This lack of sufficient entropy can lead to collisions and allow for file content tampering. **Recommendations** Update to version 2026.1.225.