Ravie LakshmananJul 01, 2026Vulnerability / Network Security

A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire's Threat Response Unit (TRU).

The Canadian cybersecurity company said it identified exploitation attempts targeting CVE-2026-8037 (CVSS score: 9.6), an operating system (OS) command injection flaw that could be exploited to achieve arbitrary code execution on susceptible devices. The exploitation activity commenced on June 29, 2026.

"OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an unauthenticated attacker with permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input," Progress said in an advisory for the vulnerability released early last month.

In an analysis published this week, watchTowr Labs said the flaw is rooted in a function named "escape_quotes()" within the load balancer application and stems from improper handling of user-supplied input.