CVE-2026-7195

Name of the Vulnerable Software and Affected Versions Progress Sitefinity versions 14.1 through 14.3 Progress Sitefinity versions prior to 14.4.8152 Progress Sitefinity versions prior to 15.0.8234 Progress Sitefinity versions prior to 15.1.8335 Progress Sitefinity versions prior to 15.2.8441 Progress Sitefinity versions prior to 15.3.8531 Progress Sitefinity versions prior to 15.4.8630

Description Improper input validation in web services allows a remote unauthenticated attacker to achieve remote code execution and compromise the integrity and confidentiality of user accounts. Successful exploitation requires a non-default site configuration and user interaction.

Recommendations Update versions 14.1 through 14.3 to a patched release. Update versions prior to 14.4.8152 to version 14.4.8152 or later. Update versions prior to 15.0.8234 to version 15.0.8234 or later. Update versions prior to 15.1.8335 to version 15.1.8335 or later. Update versions prior to 15.2.8441 to version 15.2.8441 or later. Update versions prior to 15.3.8531 to version 15.3.8531 or later. Update versions prior to 15.4.8630 to version 15.4.8630 or later.