#deserialization-vulnerability

[ follow ]
#cve-2025-10035 #goanywhere-mft #remote-code-execution #react-server-components #cve-2025-55182
Information security
fromLogRocket Blog
3 weeks ago

React2Shell exploit: What happened and lessons learned - LogRocket Blog

A deserialization flaw in React Server Components (React2Shell, CVE-2025-55182) enabled remote code execution with CVSS 10.0 and was rapidly exploited in the wild.
#cve-2025-10035
more#cve-2025-10035
Information security
fromTheregister
3 months ago

Microsoft blames Medusa affiliates for GoAnywhere exploits

Medusa-linked attackers exploited a critical deserialization flaw in Fortra's GoAnywhere MFT (CVE-2025-10035) to enable code execution, deploy RMM tools, and maintain persistence.
Information security
fromSecurityWeek
3 months ago

Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day

A critical deserialization vulnerability in Fortra GoAnywhere MFT (CVE-2025-10035) was exploited in the wild at least eight days before patches were released.
[ Load more ]