VYPR
Medium severity6.5NVD Advisory· Published Apr 21, 2026· Updated Apr 23, 2026

CVE-2026-1089

CVE-2026-1089

Description

User‑Controlled HTTP Header in Fortra's GoAnywhere MFT prior to version 7.10.0 allows attackers to trigger a DNS lookup, as well as DNS Rebinding and Information Disclosure.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.