#CVE-2026-8037

Pre-Auth Root RCE in Progress Kemp LoadMaster: Patch the API Now

CVE-2026-8037 lets an unauthenticated attacker run commands as root via a crafted API request. CVSS 9.8. The vendor has shipped a fix.