telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via specific value for the USER environment variable.

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.

A directory traversal vulnerability exists in Arcserve Unified Data Protection (UDP). The vulnerability is due to improper validation of upload files in ImportNodeServlet.

A denial-of-service vulnerability exists in Arcserve Unified Data Protection (UDP). The vulnerability is due to improper validation of username in ASNative.dll. A remote unauthenticated attacker can exploit the vulnerability by sending crafted request to the target application. Successful exploitation could result in denial-of-service conditions in the target application.

Threat Encyclopedia

1237886

TELNET GNU Inetutils telnetd Remote Authentication Bypass (CVE-2026-24061)

Critical

2026/01/26

1234373

WEB Fortra GoAnywhere MFT Authentication Bypass Deep-Dive (CVE-2024-0204)

Critical

2026/01/22

1234716

WEB Arcserve Unified Data Protection ImportNodeServlet doPost Directory Traversal (CVE-2024-0800)

Critical

2026/01/22

1234773

WEB Arcserve Unified Data Protection ASNative.dll Validate Denial of Service (CVE-2024-0801)

Critical

2026/01/22