file-sharing

CVE-2025-11371, an unauthenticated Local File Inclusion vulnerability in Gladinet CentreStack and Triofox file-sharing and remote access platforms, is being exploited by …

Unknown attackers have exploited a vulnerability (CVE-2025‑54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable …

Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server, security researchers have warned. Wing FTP …

A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited …

CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access …

Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, …

Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to …

Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting …

A critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched; a PoC exploit is already available online. While there’s …

Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software …

SolarWinds has fixed a high-severity vulnerability (CVE-2024-28995) affecting its Serv-U managed file transfer (MFT) server solution, which could be exploited by …

Proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere MFT solution has been made public, sparking fears that attackers …