PT-2026-40266

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via...

SSCMS 跨站脚本漏洞

SSCMS SiteServerCMS is a content management system developed by SSCMS Corporation in China. Version 7.4.0 of SSCMS contains a cross-site scripting vulnerability. This vulnerability stems from STL processing of endpoint scenarios involving reflective cross-site scripts. It may allow attackers to...

be.ugent.idlab.knows:dataio (>=1.2.0 <=1.3.1), cn.org.expect:modest-build (=1.0.4) +221 more potentially affected by unknown CVE via com.github.junrar:junrar (>=7.4.0 <=7.5.1)

com.github.junrar:junrar MAVEN version =7.4.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.7.0, =2.7.2, =2.1, =3.5.3, =3.5.11 and more Source cves: unknown CVE Source advisory: SNYK:JAVA-COMGITHUBJUNRAR-16097905...

CVE-2026-40688

Fortinet FortiWeb is affected by CVE-2026-40688: an out-of-bounds write vulnerability in FortiWeb versions 8.0.0–8.0.3, 7.6.0–7.6.6, and 7.4.0–7.4.11 that may allow an attacker to execute unauthorized code or commands via an unspecified attack vector. The CVSS 3.1 data posted indicates network ac...

CVE-2026-39810

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump...

CVE-2026-39810

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump...

PT-2026-32689

CVE-2026-39810 A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting databas… https://t.co/v5ryBw0uAj...

Fortinet FortiClientEMS 安全漏洞

Fortinet FortiClientEMS is part of the endpoint management solution provided by Fortinet, a company owned by Fortinet Corporation. It aims to help organizations effectively manage terminal devices within their networks and provide monitoring and control of endpoint security. There are security...

EUVD-2026-10534

An improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4 may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters...

EUVD-2026-10521

A UNIX symbolic link Symlink following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, FortiClientLinux 7.2.2 through 7.2.12 may allow a local and unprivileged user to escalate their privileges to root...

CVE-2026-24018

A UNIX symbolic link Symlink following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, FortiClientLinux 7.2.2 through 7.2.12 may allow a local and unprivileged user to escalate their privileges to root...

PT-2026-24249

An improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4 may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters...

PT-2026-24244

Name of the Vulnerable Software and Affected Versions Fortinet FortiClientLinux versions 7.2.2 through 7.2.12 Fortinet FortiClientLinux versions 7.4.0 through 7.4.4 Description A flaw exists in Fortinet FortiClientLinux that involves a symbolic link Symlink following issue. This can allow a local...

Fortinet FortiClientLinux 安全漏洞

Fortinet FortiClientLinux is a security client software developed by the American company Fortinet. There are security vulnerabilities in versions 7.4.0 to 7.4.4 of Fortinet FortiClientLinux, as well as in versions 7.2.2 to 7.2.12 of FortiClientLinux. These vulnerabilities stem from UNIX symbolic...

Siklu EtherHaul Series EH-8010 - Remote Command Execution

Exploit Title:Siklu EtherHaul Series EH-8010 - Remote Command Execution Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit Author: semaja2 - Andrew James Vendor Homepage: https://www.ceragon.com/products/siklu-by-ceragon Software Link: ftp://ftp.bubakov.net/siklu/ Version: EH-8010 and...

VulnCheck KEV: CVE-2025-64155

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute...

PT-2026-2484

Name of the Vulnerable Software and Affected Versions FortiSIEM version 7.4.0 FortiSIEM versions 7.3.0 through 7.3.4 FortiSIEM versions 7.1.0 through 7.1.8 FortiSIEM versions 7.0.0 through 7.0.4 FortiSIEM versions 6.7.0 through 6.7.10 Description An OS command injection issue exists in the...

CVE-2025-10450 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional (Core Libraries) allows Sniffing Network Traffic.

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional Core Libraries allows Sniffing Network Traffic.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.2.0 before 7.3.1...

CVE-2025-59719

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message...

CVE-2025-64153

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized...