Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / fortinet

fortinet

1,122 tracked vulnerabilities.

CVE-2025-61886 MEDIUM

FortiSandbox 5.0.0-5.0.4 and FortiSandbox PaaS 5.0.0-5.0.4 - Cross-Site Scripting via Crafted HTTP Requests

CVE-2025-61848 HIGH

FortiManager and FortiAnalyzer - Authenticated SQL Injection via JSON RPC API

CVE-2025-61624 MEDIUM

Fortinet FortiOS/FortiProxy/FortiSwitchManager/FortiPAM - Authenticated Path Traversal & Arbitrary File Write via CLI

CVE-2025-59809 MEDIUM

FortiSOAR 7.3.0-7.6.4 - Authenticated Server-Side Request Forgery

CVE-2025-53847 MEDIUM

Fortinet FortiOS <7.6.3 - Auth Bypass

CVE-2025-68648 HIGH

Fortinet FortiAnalyzer/FortiManager - Memory Corruption

CVE-2025-68482 MEDIUM

Fortinet FortiAnalyzer/FortiManager - Info Disclosure

CVE-2025-66178 HIGH

Fortinet FortiWeb - Command Injection

CVE-2025-55717 MEDIUM

Fortinet FortiMail/FortiRecorder/FortiVoice - Info Disclosure

CVE-2025-54820 HIGH

Fortinet FortiManager - Buffer Overflow

CVE-2025-54659 MEDIUM

FortiSOAR Agent Communication Bridge 1.1.0/1.0 - Path Traversal

CVE-2025-53608 MEDIUM

FortiSandbox 4.0.0-4.4.7, 5.0.0-5.0.2 - Authenticated Cross-Site Scripting

CVE-2025-49784 MEDIUM

Fortinet FortiAnalyzer - SQL Injection

CVE-2025-48840 MEDIUM

Fortinet FortiWeb 7.0-7.6.3 - Auth Bypass

CVE-2025-48418 MEDIUM

Fortinet FortiAnalyzer/FortiManager - Auth Bypass

CVE-2025-68686 MEDIUM

Fortinet FortiOS <7.6.1 - Info Disclosure

CVE-2025-64157 MEDIUM

FortiOS 7.0-7.6.4 - Authenticated Use of Externally-Controlled Format String via Configuration

CVE-2025-62676 HIGH

FortiClientWindows 7.0-7.4.4 - Arbitrary File Write via Crafted Named Pipe Messages

CVE-2025-62439 MEDIUM

Fortinet FortiOS <7.6.4 - Info Disclosure

CVE-2025-55018 MEDIUM

Fortinet FortiOS 7.6.0, 7.4.0-7.4.9, 7.2.0-7.2.12, 7.0.0-7.0.18, 6.4.3-6.4.15 - HTTP Request Smuggling

CVE-2025-52436 HIGH

FortiSandbox 4.0.0-4.4.7, 5.0.0-5.0.1 - Unauthenticated Cross-Site Scripting

CVE-2025-67685 LOW

FortiSandbox 4.0.0-4.4.0, 5.0.0-5.0.4 - Authenticated Server-Side Request Forgery via Crafted HTTP Requests

CVE-2025-64155 CRITICAL

FortiSIEM 6.7.0-6.7.10, 7.0.0-7.0.4, 7.1.0-7.1.8, 7.3.0-7.3.4, 7.4.0 - OS Command Injection via TCP Requests

CVE-2025-59922 HIGH

Fortinet FortiClientEMS 7.0.0-7.2.10, 7.4.0-7.4.4 - Authenticated SQL Injection via HTTP Requests

CVE-2025-58693 MEDIUM

Fortinet FortiVoice <7.2.2 - Path Traversal

Previous Page 3 of 45 Next

Products

fortios 267 fortiweb 124 fortiproxy 117 fortimanager 112 fortianalyzer 92 forticlient 85 fortisandbox 58 fortimail 46 fortiportal 44 fortiadc 43 fortisoar 31 fortinac 30 fortisiem 29 fortimanager_cloud 27 fortipam 25 fortivoice 24 fortiauthenticator 23 fortiwlm 23 fortiswitchmanager 19 fortinet_antivirus 18 fortianalyzer_cloud 17 fortitester 16 fortiwan 16 fortimanager_firmware 15 fortiswitch 14 fortiwlc 14 FortiOS 13 fortianalyzer_big_data 13 forticlientems 13 fortianalyzer_firmware 12

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy