PROGRESS Software has advised ShareFile customers to temporarily shut down their Storage Zone Controller servers due to a credible external security threat. This controller serves as a secure data storage solution for ShareFile users. Access to affected accounts has been suspended, and although the company is investigating the threat, it has confirmed there is currently no evidence of unauthorized access to accounts or customer data.
Speculations point to vulnerabilities identified in March, specifically CVE-2026-2699 and CVE-2026-2701, which may be exploited for remote code execution. Progress is consulting with cybersecurity experts to address the situation.