fortra

Top products

The 15 most recently published vulnerabilities affecting fortra.

• CVE-2026-9863Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability7.5Jun 15, 2026
• CVE-2026-9862Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability9.8Jun 15, 2026
• CVE-2026-1089User‑Controlled HTTP Header In Fortra's GoAnywhere MFT Allows Arbitrary DNS Lookups6.5Apr 21, 2026
• CVE-2026-0972HTML Injection possible in system generated emails in Fortra's GoAnywhere MFT5.4Apr 21, 2026
• CVE-2026-0971GoAnywhere MFT SAML Sessions do not redirect to logout URL on session timeout4.3Apr 21, 2026
• CVE-2025-14362GoAnywhere MFT SFTP Service Login Vulnerable to Brute Force Attack Under Certain Circumstances7.3Apr 21, 2026
• CVE-2025-1241Encryption vulnerable to brute-force decryption in GoAnywhere MFT5.8Apr 21, 2026
• CVE-2025-13532Weak Password Hash in Core Privileged Access Manager (BoKS)6.2Dec 16, 2025
• CVE-2025-8148CVE-2025-8148 Improper Access Control in SFTP service of GoAnywhere MFT4.2Dec 5, 2025
• CVE-2025-10035Deserialization Vulnerability in GoAnywhere MFT's License ServletKEV10.0Sep 18, 2025
• CVE-2025-8450Unrestricted File Upload in FileCatalyst8.2Aug 19, 2025
• CVE-2025-3871Broken Access Control Leads to Limited Denial of Service in GoAnywhere MFT 7.8.0 and earlier5.3Jul 16, 2025
• CVE-2025-5141Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache5.5Jun 17, 2025
• CVE-2024-11922Input Validation vulnerability in Web Client emails that do not go through Secure Mail6.3Apr 28, 2025
• CVE-2025-0049Disclosure of sensitive information in an error message in GoAnywhere prior to version 7.8.03.5Apr 28, 2025