CVE-2026-7312
Serial number: AV26-552 Date: June 5, 2026 Updated: July 2, 2026 Between June 2 and 4, 2026, Progress published security advisories to address vulnerabilities in the following products. Included was a critical update for the following: Sitefinity CMS and Sitefinity Insight – multiple versions Progress Kemp LoadMaster – version GA v7.2.63.1 and prior Progress Kemp LoadMaster - version LTSF v7.2.54.17 and prior Update 1 Open-source reporting indicates that CVE-2026-8037 is being exploited in the wild. The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates. Sitefinity Security Advisory for Addressing Security Vulnerabilities CVE-2026-7312, CVE-2026-7198, CVE-2026-7195, CVE-2026-7201, CVE-2026-7313, May 2026 LoadMaster Critical Security Bulletin – June 2026 – (CVE-2026-8037, CVE-2026-33691) Progress Trust Center
CSIRTS triage
- What
- Critical vulnerabilities have been reported in Sitefinity CMS and LoadMaster.
- Who is affected
- Users and administrators of Sitefinity CMS and LoadMaster versions mentioned.
- Urgency
- Remediation is urgent due to the critical nature of the vulnerabilities and reports of exploitation.
- Action
- Apply the necessary updates as per the security advisories.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch CVE-2026-7312
Get an email if CVE-2026-7312 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.
Exploitation outlook
- Low exploitation risk0.44% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 35% of all EPSS-scored CVEs.
Advisory coverage (1)
- criticalProgress security advisory (AV26-552) – Update 1cccs · 2026-07-02
External references
Embed the live status
— this badge updates automatically when the KEV or exploit status changes. How to embed it →
[](https://www.csirts.com/cve/CVE-2026-7312)