CVE-2026-39811

MEDIUM

FortiWeb 8.0.0-8.0.3, 7.6.0-7.6.6, 7.4.0-7.4.12, 7.2.0-7.2.12, 7.0.0-7.0.12 - Denial of Service via Integer Overflow

Title source: llm

Description

A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow attacker to denial of service via <insert attack vector here>

References (1)

Core 1

Core References

https://fortiguard.fortinet.com/psirt/FG-IR-26-108

Scores

CVSS v3 4.9

EPSS 0.0037

EPSS Percentile 28.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-190

Status published

Products (6)

Fortinet/FortiWeb 7.0.0 - 7.0.12

fortinet/fortiweb 7.0.0 - 7.0.13

Fortinet/FortiWeb 7.2.0 - 7.2.12

Fortinet/FortiWeb 7.4.0 - 7.4.12

Fortinet/FortiWeb 7.6.0 - 7.6.6

Fortinet/FortiWeb 8.0.0 - 8.0.3

Published Apr 14, 2026

Tracked Since Apr 14, 2026