CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized ...

Fortinet's endpoint management security server software is under fire from attackers, who are actively targeting two critical flaws, including a fresh zero-day that ...

Fortinet has confirmed that attackers are already exploiting a 9.1-rated zero-day vulnerability. Emergency security update ...

Fortinet warns of a critical FortiClient EMS zero-day vulnerability that is currently being exploited, allowing attackers to bypass authentication and execute commands.

Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks.

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...

Fortinet fixed a critical command injection vulnerability in FortiSIEM, which is subject to a working exploit in the wild, as well as a high-severity authentication bypass in FortiOS, FortiProxy, and ...

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet critical flaw to its known exploited vulnerabilities catalog. CISA on Tuesday added the flaw to the KEV catalog, a day ...

The proof-of-concept exploit is easy to execute, and could foretell wider targeting of the Fortinet vulnerability by attackers. Security researchers have released technical details and a ...

Critical SAP, Adobe, Fortinet, and Microsoft flaws disclosed in April Patch Tuesday, enabling RCE and data theft risks.

Fortinet has confirmed today that a critical authentication bypass security vulnerability patched last week is being exploited in the wild. The security flaw (CVE-2022-40684) is an auth bypass on the ...