Fortra Security Vulnerabilities (CVEs)

Track 11 security vulnerabilities affecting Fortra products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

5 Critical

3 High

3 Medium

Sort by:

🔔 Get Alerts for Fortra

CVE-2025-8148 4.2

This vulnerability allows Web Users in Fortra's GoAnywhere MFT who are configured for password-only SFTP authentication to bypass this restriction and...

Dec 5, 2025

CVE-2025-10035 10.0

A critical deserialization vulnerability in Fortra's GoAnywhere MFT License Servlet allows attackers with forged license signatures to execute arbitra...

Sep 18, 2025

CVE-2024-11922 6.3

This cross-site scripting (XSS) vulnerability in Fortra's GoAnywhere web client allows authenticated attackers with email triggering permissions to in...

Apr 28, 2025

CVE-2024-6633 9.8

CVE-2024-6633 exposes default credentials for the HSQL database in FileCatalyst Workflow, allowing attackers to compromise the database if it remains ...

Aug 27, 2024

CVE-2024-25157 6.5

This authentication bypass vulnerability in GoAnywhere MFT allows Admin Users with Agent Console access to circumvent permission checks and access una...

Aug 14, 2024

CVE-2024-5276 9.8

A SQL injection vulnerability in Fortra FileCatalyst Workflow allows attackers to modify application data, potentially creating administrative users o...

Jun 25, 2024

CVE-2024-0259 7.3

This vulnerability allows low-privileged Windows users to overwrite the Robot Schedule Enterprise Agent service executable. When the service restarts,...

Mar 28, 2024

CVE-2024-25155 7.2

This is a cross-site scripting (XSS) vulnerability in FileCatalyst Direct web server versions 3.8.6 through 3.8.8. Attackers can craft malicious URLs ...

Mar 13, 2024

CVE-2024-25153 9.8

CVE-2024-25153 is a critical directory traversal vulnerability in FileCatalyst Workflow Web Portal's ftpservlet that allows unauthenticated attackers ...

Mar 13, 2024

CVE-2024-0204 9.8

This vulnerability allows an unauthenticated attacker to bypass authentication in Fortra's GoAnywhere MFT and create an administrative user via the ad...

Jan 22, 2024

CVE-2023-0669 7.2

CVE-2023-0669 is a pre-authentication remote code execution vulnerability in Fortra GoAnywhere MFT that allows unauthenticated attackers to execute ar...

Feb 6, 2023

Why Monitor Fortra Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 11+ known vulnerabilities affecting Fortra products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Fortra packages in under 60 seconds. No agents required - completely agentless scanning that works across Fortra deployments.

Free vulnerability database: Access detailed information about every Fortra CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Fortra CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Fortra CVEs Free