QwikSec

Security Database

CVE

CWE

Training

CVE-2026-2514

Published: Mar 12, 2026

Modified: Mar 13, 2026

PUBLISHED

Description

In Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, a vulnerability exists whereby an adversary with access to Flowmon monitoring ports may craft malicious network data that, when processed by Flowmon ADS and viewed by an authenticated user, could result in unintended actions being executed in the user's browser context.

Vendor	Product	Versions
Progress Software	Flowmon ADS	affected `Flowmon ADS 12 versions prior to 12.5.5` affected `Flowmon ADS 13 versions prior to 13.0.3`

Weaknesses (CWE)

References

https://community.progress.com/s/article/CVE-2026-2514-Progress-Flowmon-ADS

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.