Share
## https://sploitus.com/exploit?id=SAINT:B94055400BC099146F61734DD1B7933A
Added: 07/02/2026  
CVE: CVE-2026-8037  


### Background

LoadMaster is delivery and security application with cloud-native, virtual and hardware load balancers. 

### Problem

A command injection vulnerability allows remote attackers to execute arbitrary code by sending a specially crafted API request. 

### Resolution

Upgrade to LoadMaster GA 7.2.63.2 or higher or LoadMaster LTSF 7.2.54.18 or higher. 

### References

https://community.progress.com/s/article/LoadMaster-Critical-Security-Bulletin-June-2026-CVE-2026-8037-CVE-2026-33691   
https://labs.watchtowr.com/enterprise-tech-in-shell-out-progress-kemp-loadmaster-uninitialized-heap-to-pre-auth-rce-cve-2026-8037/