Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / fortinet

fortinet

1,122 tracked vulnerabilities.

CVE-2025-47855 CRITICAL

Fortinet FortiFone <7.0.2 - Info Disclosure

CVE-2025-25249 HIGH

Fortinet FortiOS <7.6.3 - Buffer Overflow

CVE-2025-64471 MEDIUM

Fortinet FortiWeb <8.0.1 - Use After Free

CVE-2025-64447 HIGH

FortiWeb 7.0.0-7.0.11, 7.2.0-7.2.11, 7.4.0-7.4.10, 7.6.0-7.6.5, 8.0.0-8.0.1 - Arbitrary Operations via Forged Cookies

CVE-2025-64156 HIGH

FortiVoice 6.0.0-6.0.11, 6.4.0-6.4.x, 7.0.0-7.0.7, 7.2.0-7.2.2 - Authenticated SQL Injection

CVE-2025-64153 HIGH

FortiExtender Firmware 7.0.0-7.0.3, 7.2.0-7.2.x, 7.4.0-7.4.7, 7.6.0-7.6.3 - OS Command Injection

CVE-2025-62631 MEDIUM

FortiOS 6.4.0-6.4.15, 7.0.0-7.0.18, 7.2.0-7.2.12, 7.4.0 - Insufficient Session Expiration via SSLVPN

CVE-2025-60024 HIGH

FortiVoice 7.0.0-7.0.7 - Authenticated Path Traversal and Arbitrary File Write via HTTP/HTTPS Commands

CVE-2025-59923 LOW

Fortinet FortiAuthenticator 6.3.0-6.6.6 - Authenticated Credential Disclosure via Crafted Requests

CVE-2025-59810 MEDIUM

FortiSOAR 7.3.0-7.5.1, 7.6.0-7.6.2 - Authenticated Information Disclosure via Crafted Requests

CVE-2025-59808 MEDIUM

Fortinet FortiSOAR <7.6.2 - Info Disclosure

CVE-2025-59719 CRITICAL

FortiWeb 7.4.0-7.4.9, 7.6.0-7.6.4, 8.0.0 - Unauthenticated SAML Authentication Bypass via Crafted SAML Response

CVE-2025-59718 CRITICAL KEV

Fortinet FortiOS/FortiProxy/FortiSwitchManager SAML Signature Verification Bypass

CVE-2025-57823 LOW

Fortinet FortiAuthenticator <6.6.7 - Info Disclosure

CVE-2025-54838 MEDIUM

FortiPortal 7.4.0-7.4.5 - Authenticated Incorrect Authorization via Crafted HTTP Requests

CVE-2025-54353 MEDIUM

FortiSandbox 4.0.0-4.0.5, 4.2.0-4.2.x, 4.4.0-4.4.7, 5.0.0-5.0.2 - Cross-Site Scripting via Crafted HTTP Requests

CVE-2025-53949 HIGH

Fortinet FortiSandbox <5.0.2 - Command Injection

CVE-2025-53679 HIGH

Fortinet FortiSandbox <5.0.2 - Command Injection

CVE-2025-58412 MEDIUM

Fortinet FortiADC 7.2.0-7.6.3, 8.0.0 - Cross-Site Scripting via Crafted URL

CVE-2025-61713 MEDIUM

Fortinet FortiPAM <1.6.0 - Info Disclosure

CVE-2025-59669 MEDIUM

FortiWeb 7.0.0-7.6.0 - Authenticated Use of Hard-coded Credentials in Redis Service

CVE-2025-58692 HIGH

Fortinet FortiVoice <7.2.2 - SQL Injection

CVE-2025-58413 HIGH

Fortinet FortiOS <7.6.3 - Buffer Overflow

CVE-2025-58034 HIGH KEV

FortiWeb 7.0.0-7.0.11, 7.2.0-7.2.11, 7.4.0-7.4.10, 7.6.0-7.6.5, 8.0.0-8.0.1 - OS Command Injection

CVE-2025-54972 MEDIUM

Fortinet FortiMail <7.6.3 - Crlf Injection

Previous Page 4 of 45 Next

Products

fortios 267 fortiweb 124 fortiproxy 117 fortimanager 112 fortianalyzer 92 forticlient 85 fortisandbox 58 fortimail 46 fortiportal 44 fortiadc 43 fortisoar 31 fortinac 30 fortisiem 29 fortimanager_cloud 27 fortipam 25 fortivoice 24 fortiauthenticator 23 fortiwlm 23 fortiswitchmanager 19 fortinet_antivirus 18 fortianalyzer_cloud 17 fortitester 16 fortiwan 16 fortimanager_firmware 15 fortiswitch 14 fortiwlc 14 FortiOS 13 fortianalyzer_big_data 13 forticlientems 13 fortianalyzer_firmware 12

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy