CVE-2025-10035

Fortra has issued patches for a critical GoAnywhere MFT vulnerability (CVE-2025-10035) that could enable remote command injection via deserialization. The company urges administrators to secure Admin Console access and apply the latest updates, as Shadowserver tracks hundreds of GoAnywhere instances and exposure continues to be a concern.