Security Advisory

CVE-2026-2878

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-25 14:45:11

Last updated 2026-02-27 17:06:16

Assigner ProgressSoftware

State PUBLISHED

Description

In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filename, can enable collisions and file content tampering.

← Browse all CVEs View on cve.org ↗