Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how fortra compares to other vendors in security performance

View Risk Score →

Fortra GoAnywhere MFTUser‑Controlled HTTP Header In Fortra's GoAnywhere MFT Allows Arbitrary DNS Lookups

Risk 40
Severity
6.5
First published (updated )
CVE-2026-1089

Fortra GoAnywhere MFTHTML Injection possible in system generated emails in Fortra's GoAnywhere MFT

Risk 34
Severity
5.4
First published (updated )
CVE-2026-0972

Fortra GoAnywhere MFTGoAnywhere MFT SAML Sessions do not redirect to logout URL on session timeout

Risk 22
Severity
4.3
First published (updated )
CVE-2026-0971

Fortra GoAnywhere MFTGoAnywhere MFT SFTP Service Login Vulnerable to Brute Force Attack Under Certain Circumstances

Risk 51
Severity
7.3
First published (updated )
CVE-2025-14362

Fortra GoAnywhere AgentsEncryption vulnerable to brute-force decryption in GoAnywhere MFT

Risk 32
Severity
5.8
First published (updated )
CVE-2025-1241
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Fortra Core Privileged Access Manager (BoKS) Server AgentWeak Password Hash in Core Privileged Access Manager (BoKS)

Risk 36
Severity
6.2
First published (updated )
CVE-2025-13532

Fortra GoAnywhere MFTImproper Access Control in SFTP service of GoAnywhere MFT

Risk 29
Severity
4.2
First published (updated )
CVE-2025-8148

BleepingComputerMicrosoft: Critical GoAnywhere bug exploited in ransomware attacks

Exploited
Zeroday
First published (updated )
News
BleepingComputer

The Register‘An attacker's playground:’ Crims exploit GoAnywhere perfect-10 bug

Exploited
First published (updated )
News
The Register

BleepingComputerMaximum severity GoAnywhere MFT flaw exploited as zero day

Exploited
Zeroday
First published (updated )
News
BleepingComputer
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2 - watchTowr Labs

First published (updated )
Social
reddit

The RegisterDing ding: Fortra rings the perfect-10 bell over latest GoAnywhere MFT bug

Exploited
First published (updated )
News
The Register

BleepingComputerFortra warns of max severity flaw in GoAnywhere MFT’s License Servlet

First published (updated )
News
BleepingComputer

Fortra GoAnywhere MFTFortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability

Risk 100
Severity
10
Exploited
First published (updated )
CVE-2025-10035

Fortra FileCatalystUnrestricted File Upload in FileCatalyst

Risk 38
Severity
8.2
EPSS
0.09%
First published (updated )
CVE-2025-8450
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Fortra GoAnywhere MFTBroken Access Control Leads to Limited Denial of Service in GoAnywhere MFT 7.8.0 and earlier

Risk 27
Severity
5.3
First published (updated )
CVE-2025-3871

Fortra Core Privileged Access ManagerCore Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache

Risk 24
Severity
5.5
EPSS
0.01%
First published (updated )
CVE-2025-5141

Fortra GoAnywhereInput Validation vulnerability in Web Client emails that do not go through Secure Mail

Risk 46
Severity
6.3
First published (updated )
CVE-2024-11922

HelpSystems GoAnywhereDisclosure of sensitive information in an error message in GoAnywhere prior to version 7.8.0

Risk 22
Severity
4.3
First published (updated )
CVE-2025-0049

BleepingComputerRetail giant Sam’s Club investigates Clop ransomware breach claims

Exploited
Zeroday
First published (updated )
News
BleepingComputer
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Fortra Application HubSensitive Information Disclosure in Fortra Application Hub Prior to version 1.3

Risk 32
Severity
5.5
First published (updated )
CVE-2024-11923

Fortra GoAnywhere MFTLimited Information Disclosure in GoAnywhere MFT Prior to 7.7.0

Risk 19
Severity
5.3
EPSS
0.04%
First published (updated )
CVE-2024-9945

Fortra Robot ScheduleSensitive information in agent log file when detailed logging is enabled with Robot Schedule Enterprise prior to version 3.05

Risk 24
Severity
5.5
EPSS
0.04%
First published (updated )
CVE-2024-8264

Fortra FileCatalyst WorkflowSQL Injection in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)

Risk 49
Severity
7.2
EPSS
0.05%
First published (updated )
CVE-2024-6632

Fortra FileCatalyst WorkflowInsecure Default in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)

Risk 62
Severity
9.8
EPSS
0.09%
First published (updated )
CVE-2024-6633
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Fortra Goanywhere Managed File TransferAuthentication bypass in GoAnywhere MFT prior to 7.6.0

Risk 49
Severity
6.5
First published (updated )
CVE-2024-25157

Fortra FileCatalyst WorkflowSQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier)

Risk 62
Severity
9.8
EPSS
0.04%
First published (updated )
CVE-2024-5276

Fortra Robot Schedule Enterprise AgentPrivilege Escalation in Robot Schedule Enterprise Agent for Windows prior to version 3.04

Risk 64
Severity
7.3
First published (updated )
CVE-2024-0259

Fortra Goanywhere Managed File TransferPath traversal in GoAnywhere MFT 7.4.1 and Earlier

Risk 28
Severity
6.5
EPSS
0.04%
First published (updated )
CVE-2024-25156

FileCatalyst DirectReflected Cross-Site Scripting (XSS) in FileCatalyst Direct 3.8.8 and earlier

Risk 31
Severity
7.2
EPSS
0.04%
First published (updated )
CVE-2024-25155
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203