Signal

Critical vulnerabilities in Progress ShareFile Storage Zones Controller enable unauthenticated remote code execution

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-04-02 11:07 UTCUpdated 2026-04-03 15:18 UTC

rss

cveexploitssecurity_advisoryincident_response

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (4)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (4 domains)

4 top sources shown

Progress ShareFile vulnerabilities allow unauthenticated file exfiltration

SC Media · News · scworld.com · 2026-04-03 15:18 UTC

Progress ShareFile Storage Zones Controller v5 critical vulnerabilities lead to unauth RCE

NCSC-FI - Vulnerabilities · docs.sharefile.com · 2026-04-03 02:00 UTC

Progress security advisory (AV26-310)

Canadian Centre for Cyber Security - Alerts · News · cyber.gc.ca · 2026-04-02 18:37 UTC

Multiple Vulnerabilities in Progress ShareFile Could Allow for Remote Code Execution

CIS Security Advisories · News · cisecurity.org · 2026-04-02 18:10 UTC

View all evidence

Overview

Multiple critical vulnerabilities (CVE-2026-2699 and CVE-2026-2701) have been identified in Progress ShareFile Storage Zones Controller versions prior to 5.12.4 and 6.0.

Entities

Progress ShareFileStorage Zones Controller

Score total

1.34

Momentum 24h

4

Posts

4

Origins

4

Source types

1

Duplicate ratio

0%

Why now

Fixes were released recently (March 10, 2026), but many users may still be vulnerable.
Proof-of-concept exploits exist, increasing the risk of active attacks.
Security advisories from multiple trusted sources highlight the urgency to update.

Why it matters

These vulnerabilities allow unauthenticated attackers to execute arbitrary code, risking data breaches and system compromise.
Progress ShareFile is widely used in regulated industries, increasing potential impact on sensitive workflows.
Timely patching is critical to prevent exploitation of these high-severity flaws.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: medium

Recurring claims

Progress ShareFile Storage Zones Controller versions prior to 5.12.4 contain critical vulnerabilities CVE-2026-2699 and CVE-2026-2701 allowing unauthenticated remote code execution.

How sources frame it

Canadian Centre For Cyber Security: neutral

All evidence

All evidence

Progress ShareFile vulnerabilities allow unauthenticated file exfiltration

SC Media · scworld.com · 2026-04-03 15:18 UTC

Progress ShareFile Storage Zones Controller v5 critical vulnerabilities lead to unauth RCE

NCSC-FI - Vulnerabilities · docs.sharefile.com · 2026-04-03 02:00 UTC

Progress security advisory (AV26-310)

Canadian Centre for Cyber Security - Alerts · cyber.gc.ca · 2026-04-02 18:37 UTC

Multiple Vulnerabilities in Progress ShareFile Could Allow for Remote Code Execution

CIS Security Advisories · cisecurity.org · 2026-04-02 18:10 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 4Origin domains: 4Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 4 / 0

Top publishers (this list)

SC Media (1)
NCSC-FI - Vulnerabilities (1)
Canadian Centre for Cyber Security - Alerts (1)
CIS Security Advisories (1)

Top origin domains (this list)

scworld.com (1)
docs.sharefile.com (1)
cyber.gc.ca (1)
cisecurity.org (1)