Lucene search
K

Vulnerabilities are detected in Fortinet FortiAnalyzer and FortiManager

🗓️ 15 Apr 2026 12:20:38Reported by NCSCType 
ncsc
 ncsc
🔗 advisories.ncsc.nl👁 16 Views

Fortinet fixed SQL injection, path traversal, and heap overflow in FortiAnalyzer and FortiManager products; updates issued.

Related
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the Fortinet FortiManager Cloud software for centralized device management, as well as the FortiAnalyzer Cloud software for security event monitoring and analysis, arises from a buffer overflow in the dynamic memory. This vulnerability allows an attacker to execute arbitrary code.
20 Apr 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the software for centralized device management of Fortinet’s FortiManager and FortiManager Cloud, as well as the security event monitoring and analysis tools Fortinet’s FortiAnalyzer and FortiAnalyzer Cloud, stems from the lack of protection for the SQL query structure. This allows attackers to execute arbitrary commands or code.
20 Apr 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the software for centralized device management of Fortinet’s FortiManager and FortiManager Cloud, as well as the security event monitoring and analysis tools Fortinet’s FortiAnalyzer and FortiAnalyzer Cloud, stems from incorrect restrictions on the path to the restricted directory. This allows attackers to delete any files they desire.
20 Apr 202600:00
bdu_fstec
Circl
CVE-2025-61848
14 Apr 202617:28
circl
Circl
CVE-2026-22828
14 Apr 202616:51
circl
CNNVD
Fortinet FortiManager Cloud和Fortinet FortiAnalyzer Cloud 安全漏洞
14 Apr 202600:00
cnnvd
CNNVD
Fortinet多款产品 路径遍历漏洞
14 Apr 202600:00
cnnvd
CNNVD
Fortinet多款产品 SQL注入漏洞
14 Apr 202600:00
cnnvd
CVE
CVE-2025-61848
14 Apr 202615:38
cve
CVE
CVE-2025-68649
14 Apr 202615:39
cve
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

15 Apr 2026 12:20Current
6.2Medium risk
Vulners AI Score6.2
CVSS 3.16.5 - 8.1
EPSS0.00901
SSVC
16