Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / fortinet

fortinet

1,122 tracked vulnerabilities.

CVE-2026-44279 MEDIUM

FortiTokenAndroid 6.2, 6.1, 5.2 - Improper Export of Android Application Components

CVE-2026-44278 LOW

FortiClientWindows 7.2.0-7.4.2 - Information Disclosure via Hard-coded Cryptographic Key

CVE-2026-44277 CRITICAL

FortiAuthenticator 8.0.0-8.0.2, 6.5.0-6.5.6, 6.6.0-6.6.8, 6.4.0-6.4.10 - Improper Access Control

CVE-2026-26083 CRITICAL

FortiSandbox and FortiSandbox Cloud - Unauthenticated Remote Code Execution via HTTP Requests

CVE-2026-25690 MEDIUM

Fortinet FortiDeceptor - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CVE-2026-25088 MEDIUM

Fortinet FortiNDR - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2026-40688 HIGH

FortiWeb 8.0.0-8.0.3, 7.6.0-7.6.6, 7.4.0-7.4.11 - Authenticated Remote Code Execution via Crafted HTTP Requests

CVE-2026-39815 HIGH

FortiDDoS-F 7.2.1-7.2.2 - SQL Injection via Crafted HTTP Requests

CVE-2026-39814 MEDIUM

FortiWeb 8.0.0-8.0.2, 7.6.0-7.6.6, 7.4.1-7.4.12, 7.0.10-7.0.12 - Relative Path Traversal

CVE-2026-39813 CRITICAL

FortiSandbox 4.4.0-4.4.8 and 5.0.0-5.0.5 - Path Traversal via '../filedir'

CVE-2026-39812 MEDIUM

FortiSandbox 4.2-5.0.5 - Cross-Site Scripting

CVE-2026-39811 MEDIUM

FortiWeb 8.0.0-8.0.3, 7.6.0-7.6.6, 7.4.0-7.4.12, 7.2.0-7.2.12, 7.0.0-7.0.12 - Denial of Service via Integer Overflow

CVE-2026-39810 MEDIUM

FortiClientEMS 7.4.0-7.4.5 - Information Disclosure via Hard-coded Cryptographic Key

CVE-2026-39809 MEDIUM

FortiClientEMS 7.0.0-7.0.12, 7.2.0-7.2.12, 7.4.0-7.4.5 - SQL Injection

CVE-2026-39808 CRITICAL NUCLEI

FortiSandbox 4.4.0-4.4.8 - OS Command Injection

CVE-2026-27316 LOW

Fortinet FortiSandbox <5.0.5 - Info Disclosure

CVE-2026-25691 MEDIUM

FortiSandbox 4.2.0-5.0.5 - Authenticated Path Traversal via HTTP Requests

CVE-2026-23708 HIGH

FortiSOAR PaaS 7.6.0-7.6.3 - Auth Bypass

CVE-2026-22828 HIGH

FortiAnalyzer/FortiManager Cloud 7.6.2-7.6.4 - Unauthenticated RCE via Heap Overflow

CVE-2026-22576 MEDIUM

FortiSOAR PaaS <7.6.4 - Info Disclosure

CVE-2026-22574 MEDIUM

FortiSOAR PaaS <7.6.4 - Info Disclosure

CVE-2026-22573 MEDIUM

FortiSOAR 7.3.0-7.6.3 - Authenticated Path Traversal via File Content Extraction

CVE-2026-22155 MEDIUM

FortiSOAR 7.3-7.6 - Cleartext Transmission of Sensitive Information

CVE-2026-22154 MEDIUM

FortiSOAR 7.3-7.6.3 - Authenticated Stored Cross-Site Scripting via HTTP Requests

CVE-2026-21742 MEDIUM

Fortinet FortiSOAR PaaS <7.6.2 - Info Disclosure

Page 1 of 45 Next

Products

fortios 267 fortiweb 124 fortiproxy 117 fortimanager 112 fortianalyzer 92 forticlient 85 fortisandbox 58 fortimail 46 fortiportal 44 fortiadc 43 fortisoar 31 fortinac 30 fortisiem 29 fortimanager_cloud 27 fortipam 25 fortivoice 24 fortiauthenticator 23 fortiwlm 23 fortiswitchmanager 19 fortinet_antivirus 18 fortianalyzer_cloud 17 fortitester 16 fortiwan 16 fortimanager_firmware 15 fortiswitch 14 fortiwlc 14 FortiOS 13 fortianalyzer_big_data 13 forticlientems 13 fortianalyzer_firmware 12

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy