Unintended command execution during report generation in Progress Flowmon

Description

A vulnerability classified as critical was found in Progress Flowmon up to up to 12.5.7. Affected by this issue is some unknown functionality. Such manipulation leads to os command injection. The attack can be launched remotely.

Affected Products

Vendor	Product	Versions
progress	flowmon	Flowmon 12 versions prior to 12.5.8, Flowmon 12.5.7

References

https://community.progress.com/s/article/CVE-2026-3692-Progress-Flowmon(vendor-advisory)

Related News (1 articles)

Tier C

VulDB3h ago

CVE-2026-3692 | Progress Flowmon up to up to 12.5.7 os command injection

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

https://community.progress.com/s/article/CVE-2026-3692-Progress-Flowmon

CWECWE-78

PublishedApr 2, 2026

Last enriched3h agov2

Trending Score54

Source articles1

Independent1

Info Completeness8/14

Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

Version History

Last enriched 3h ago

v2Tier C3h ago

Updated severity to CRITICAL, added affected version 12.5.7, and corrected exploit availability to false.

descriptionseverityaffectedVersionsactivelyExploited

via VulDB

v14h ago

Initial creation

Unintended command execution during report generation in Progress Flowmon

Description

Affected Products

References

Related News (1 articles)

Community Vote

Related CVEs (4)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History