Telerik UI for AJAX EUVD-2026-24631 | CVE-2026-6022 HIGH
Uncontrolled Resource Consumption (CWE-400)
Published 2026-04-22 · Vendor: Progress Software · Advisory: GHSA-vf2r-6g4x-jc4h
CVSS 3.1 base score: 7.5 (source: NVD)

Severity by source

NVD (primary): 7.5 HIGH
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline (7 events)

Apr 22, 2026 - 21:37 (vuln.today): Re-analysis queued (cvss_changed)
Apr 22, 2026 - 21:23 (nvd): Patch released - patch available
Apr 22, 2026 - 09:01 (EUVD): Patch available
Apr 22, 2026 - 08:24 (vuln.today): Analysis generated
Apr 22, 2026 - 08:00 (euvd): EUVD ID assigned - EUVD-2026-24631
Apr 22, 2026 - 08:00 (vuln.today): Analysis generated
Apr 22, 2026 - 07:07 (nvd): CVE published - HIGH 7.5

Description (source: CVE.org)

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion.

Analysis (AI-generated)

Uncontrolled resource consumption in Progress Telerik UI for AJAX RadAsyncUpload component allows remote unauthenticated attackers to exhaust disk space by uploading files exceeding configured size limits through chunked upload bypass. The vulnerability arises from missing cumulative size validation during chunk reassembly, enabling attackers to circumvent intended upload restrictions. …

Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Identify RadAsyncUpload endpoint
Delivery: Send chunked upload requests bypassing size validation
Exploit: Reassemble oversized files on server
Execution: Repeat to fill disk
Persist: Exhaust storage capacity
Impact: Trigger application denial of service

Vulnerability Assessment (AI-generated)

Exploitation: Applications using Progress Telerik UI for AJAX versions prior to 2026.1.421 with the RadAsyncUpload component enabled and reachable over the network. …
Risk Assessment: CVSS 7.5 (High) reflects a significant availability impact combined with the easiest possible attack conditions (network vector, low complexity, no authentication, no user interaction). …
Exploit Scenario: An attacker identifies an internet-facing ASP.NET application using Telerik RadAsyncUpload by fingerprinting HTTP endpoints (common paths include /Telerik.Web.UI.WebResource.axd). The attacker crafts HTTP POST requests containing file chunks, intentionally splitting a multi-gigabyte payload into segments that individually fall below the configured MaxFileSize limit (e.g., a 100MB file split into 200 x 500KB chunks). …
Remediation: Upgrade to Progress Telerik UI for AJAX version 2026.1.421 or later, which implements cumulative size validation during chunk reassembly so that the configured upload limit applies to the reassembled file, not only to each chunk. …
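The defect class the description and remediation refer to (a per-chunk size check with no running total during reassembly) is easy to see in a small server-side model. The following is an added example, not Progress's or Telerik's code, and the class names, the upload limit and the chunk sizes are constructed for illustration. The same assembler is run twice: once with only the per-chunk check, which accepts as many sub-limit chunks as the client sends, and once with the cumulative check applied before any chunk is stored, which rejects the upload as soon as the running total would pass the limit and discards what was already buffered.

```python
"""Cumulative size enforcement during chunked upload reassembly.

Added example (not the vendor's code).  All names, limits and sizes are
constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional


class UploadTooLarge(Exception):
    """Raised when an upload (or a single chunk) would exceed the limit."""


@dataclass
class UploadSession:
    upload_id: str
    received: int = 0                              # cumulative bytes accepted
    chunks: List[bytes] = field(default_factory=list)


class ChunkAssembler:
    """Server-side reassembly of a chunked upload.

    enforce_cumulative=False models the defect: each chunk is compared with
    max_file_size on its own, so many small chunks assemble into a file far
    larger than the limit.  enforce_cumulative=True models the fix: the
    running total is checked before the chunk is stored.
    """

    def __init__(self, max_file_size: int, enforce_cumulative: bool = True):
        self.max_file_size = max_file_size
        self.enforce_cumulative = enforce_cumulative
        self.sessions: Dict[str, UploadSession] = {}

    def accept_chunk(self, upload_id: str, chunk: bytes) -> int:
        """Store one chunk; return the cumulative bytes held for this upload."""
        if len(chunk) > self.max_file_size:
            raise UploadTooLarge("single chunk exceeds configured maximum")
        session = self.sessions.setdefault(upload_id, UploadSession(upload_id))
        if self.enforce_cumulative and session.received + len(chunk) > self.max_file_size:
            # Reject before writing, and drop what was already buffered so a
            # rejected upload does not keep occupying storage.
            self.sessions.pop(upload_id, None)
            raise UploadTooLarge("cumulative size would exceed configured maximum")
        session.chunks.append(chunk)
        session.received += len(chunk)
        return session.received

    def finalize(self, upload_id: str) -> bytes:
        """Reassemble the file; re-check the total as a last line of defence."""
        session = self.sessions.pop(upload_id)
        data = b"".join(session.chunks)
        if len(data) > self.max_file_size:
            raise UploadTooLarge("reassembled file exceeds configured maximum")
        return data


def simulate(max_file_size: int, chunk_size: int, n_chunks: int,
             enforce_cumulative: bool) -> dict:
    """Send n_chunks identical chunks to one upload and report the outcome."""
    assembler = ChunkAssembler(max_file_size, enforce_cumulative)
    chunk = b"A" * chunk_size                      # constructed chunk payload
    accepted = 0
    rejected_at: Optional[int] = None
    for index in range(n_chunks):
        try:
            assembler.accept_chunk("upload-1", chunk)
            accepted += 1
        except UploadTooLarge:
            rejected_at = index
            break
    session = assembler.sessions.get("upload-1")
    return {
        "accepted_chunks": accepted,
        "rejected_at": rejected_at,
        "bytes_buffered": session.received if session else 0,
    }


if __name__ == "__main__":
    # Limit 1000 bytes, five chunks of 400 bytes: each chunk is under the
    # limit, but the reassembled file would be 2000 bytes.
    print("per-chunk check only:", simulate(1000, 400, 5, enforce_cumulative=False))
    print("cumulative check:    ", simulate(1000, 400, 5, enforce_cumulative=True))
```

The per-chunk-only run buffers all 2000 bytes; the cumulative run stops at the third chunk and frees the 800 bytes it had already accepted. Keeping the final check in finalize() is deliberate: a chunk handler that is later refactored (or bypassed by a second code path) should still not be able to write an oversized file to disk.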

Recommended Action (AI-generated)

Within 24 hours: Inventory all applications using Progress Telerik UI for AJAX and document current RadAsyncUpload component versions. …
