27 Total CVEs
14 AI Analyzed
5 CISA KEV
13 Critical
All Vendors
Showing 1-27 of 27 CVEs
CVE-2026-44277
Analyzed
9.8
Fortinet FortiAuthenticator

A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiA...

2026-05-13
CVE-2026-39815
8.8
Fortinet FortiDDoS

A improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiDDoS-F 7

2026-04-15
CVE-2026-39813
Analyzed
9.8
Fortinet FortiSandbox

A path traversal vulnerability in Fortinet FortiSandbox allows unauthenticated attackers to achieve privilege escalation via crafted file paths.

2026-04-15
CVE-2026-39808
Analyzed
9.8
Fortinet FortiSandbox

A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4....

2026-04-15
CVE-2026-35616
KEV Analyzed
9.8
Fortinet FortiClientEMS

Fortinet FortiClientEMS versions 7.4.5 and 7.4.6 contain an improper access control vulnerability. Unauthenticated attackers can execute unauthorized...

2026-04-04
CVE-2026-26083
Analyzed
9.8
Fortinet FortiSandbox

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through...

2026-05-13
CVE-2026-25089
Analyzed
9.8
Fortinet FortiSandbox

An OS command injection vulnerability in FortiSandbox allows unauthenticated attackers to execute unauthorized commands via specifically crafted HTTP...

2026-06-10
CVE-2026-24018
7.8
Fortinet FortiClientLinux

A UNIX symbolic link (Symlink) following vulnerability in Fortinet FortiClientLinux 7

2026-03-11
CVE-2026-24017
8.1
Fortinet FortiWeb

An Improper Control of Interaction Frequency vulnerability [CWE-799] vulnerability in Fortinet FortiWeb 8

2026-03-11
CVE-2026-22828
8.1
Fortinet FortiAnalyzer Cloud

A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7

2026-04-15
CVE-2026-22627
8.8
Fortinet FortiSwitchAXFixed

A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiSwitchAXFixed 1

2026-03-11
CVE-2026-21643
KEV Analyzed
9.8
Fortinet FortiClientEMS

An unauthenticated SQL injection vulnerability in Fortinet FortiClientEMS 7.4.4 allows for unauthorized code or command execution via crafted HTTP req...

2026-02-06
CVE-2025-64447
8.1
Fortinet Multiple Products

A reliance on cookies without validation and integrity checking vulnerability in Fortinet FortiWeb 8

2025-12-10
CVE-2025-64446
KEV
9.8
Fortinet Multiple Products

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb...

2025-11-15
CVE-2025-64155
Analyzed
9.8
Fortinet Multiple Products

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3...

2026-01-14
CVE-2025-60024
8.8
Fortinet Multiple Products

Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice...

2025-12-10
CVE-2025-59719
Analyzed
9.8
Fortinet Multiple Products

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4...

2025-12-10
CVE-2025-58692
8.8
Fortinet Multiple Products

An improper neutralization of special elements used in an SQL Command ("SQL Injection") vulnerability [CWE-89] in Fortinet FortiVoice 7

2025-11-19
CVE-2025-58034
KEV Analyzed
7.2
Fortinet Multiple Products

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8

2025-11-19
CVE-2025-54820
8.1
Fortinet FortiManager

A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7

2026-03-11
CVE-2025-54658
Analyzed
7.8
Fortinet Multiple Products

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plu...

2025-10-16
CVE-2025-52970
8.1
Fortinet Multiple Products

A improper handling of parameters in Fortinet FortiWeb versions 7

2025-08-12
CVE-2025-52436
8.8
Fortinet FortiSandbox

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox...

2026-02-11
CVE-2025-49201
8.1
Fortinet Multiple Products

A weak authentication in Fortinet FortiPAM 1

2025-10-14
CVE-2025-47855
Analyzed
9.8
Fortinet Multiple Products

An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet FortiFone 7.0.0 through 7.0.1, FortiFone 3.0.13 thro...

2026-01-14
CVE-2025-25257
KEV Analyzed
9.8
Fortinet Multiple Products

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 thro...

2025-07-17
CVE-2025-25256
Analyzed
9.8
Fortinet Multiple Products

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3...

2025-08-12