CVE

CVE-2025-10035

2field notes · 0digests

View all posts tagged #cve-2025-10035 →

Field notes

Analysis · May 8, 2026 · The Field Notes Desk
Cleo shipped a fix in October. Cl0p was bypassing it by December.
CVE-2024-50623 was patched in 5.8.0.21 on October 27. By December 3, Huntress had a working PoC against fully patched hosts and Cl0p was running it in production. This is the fifth MFT vendor in five years to hand Cl0p the same playbook.
Analysis · May 5, 2026 · The Field Notes Desk
GoAnywhere MFT gets its third critical RCE in three years
Storm-1175 was exploiting CVE-2025-10035 two days before Fortra even shipped the hotfix to customers. Under 24 hours from initial access to ransomware. GoAnywhere's third year in a row.