CVE-2026-39811

MEDIUM

Fortinet FortiWeb < 8.0.3 - Denial of Service

Title source: rule

Description

A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow attacker to denial of service via <insert attack vector here>

References (1)

https://fortiguard.fortinet.com/psirt/FG-IR-26-108

Scores

CVSS v3 4.9

EPSS 0.0013

EPSS Percentile 31.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-190

Status published

Products (6)

Fortinet/FortiWeb 7.0.0 - 7.0.12

fortinet/fortiweb 7.0.0 - 7.0.13

Fortinet/FortiWeb 7.2.0 - 7.2.12

Fortinet/FortiWeb 7.4.0 - 7.4.12

Fortinet/FortiWeb 7.6.0 - 7.6.6

Fortinet/FortiWeb 8.0.0 - 8.0.3

Published Apr 14, 2026

Tracked Since Apr 14, 2026