CVE-2026-6023
Severity: HIGH
Deserialization of Untrusted Data Vulnerability in Telerik UI for ASP.NET AJAX
Title source: cna
Description
In Progress® Telerik® UI for AJAX versions 2024.4.1114 through 2026.1.421, the RadFilter control is vulnerable to insecure deserialization when restoring filter state if the state is exposed to the client. If an attacker tampers with this state, server-side remote code execution is possible.
Scores
CVSS v3: 8.1
EPSS: 0.0042
EPSS Percentile: 32.9%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-502
Status: published
Products (2)
progress/telerik_ui_for_asp.net_ajax: 2024.4.1114 - 2026.1.421
Progress Software/Telerik UI for ASP.NET AJAX: 2024.4.1114 - 2026.1.421
Published: Apr 22, 2026
Tracked Since: Apr 22, 2026