#deserialization-vulnerability
#deserialization-vulnerability

[ follow ]

Information security

Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

An unsafe deserialization flaw (CVE-2025-10035) in Fortra GoAnywhere permits unauthenticated command injection and was actively exploited in the wild by at least September 10, 2025.

fromTheregister

2 weeks ago

Information security

Fortra discloses 10/10 severity bug in GoAnywhere MFT

CVE-2025-10035 is a 10/10 deserialization flaw in Fortra GoAnywhere MFT License Servlet enabling command injection via forged license responses.

fromThe Hacker News

1 week ago

Information security

Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

fromTheregister

2 weeks ago

Information security

Fortra discloses 10/10 severity bug in GoAnywhere MFT

Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day

A critical deserialization vulnerability in Fortra GoAnywhere MFT (CVE-2025-10035) was exploited in the wild at least eight days before patches were released.

[ Load more ]

#deserialization-vulnerability#deserialization-vulnerability

Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

Fortra discloses 10/10 severity bug in GoAnywhere MFT

Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

Fortra discloses 10/10 severity bug in GoAnywhere MFT

Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day

#deserialization-vulnerability
#deserialization-vulnerability