Future TechnologyFuture Technology
Security

A Critical Bug in Kemp LoadMaster Is Already Under Attack

3 July 2026 · 2 min read

A critical vulnerability in Progress Kemp LoadMaster, tracked with a CVSS score of 9.6, allows an attacker to inject operating system commands into the load balancer, potentially leading to full arbitrary code execution on the device.

Why it is serious

Load balancers sit at the front door of a network, routing traffic to the servers behind them. A compromised LoadMaster appliance does not just expose itself, it can become a launchpad for attacks against everything it is supposed to be protecting. Security researchers have already observed exploitation attempts in the wild, so this is not a theoretical risk sitting in a lab report.

What to do

If your organisation runs Kemp LoadMaster appliances, check Progress's advisory for the patched version and apply it as soon as possible. In the meantime, restrict management interface access to trusted networks only, rather than leaving it reachable from the wider internet.

Sources: Progress Kemp advisory