CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/14 6:30 p.m.•1 views

EUVD-2026-22327

A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Successful exploitation would require a large...

EUVD•added 2026/04/14 6:30 p.m.•1 views

EUVD-2025-209453

7.2CVSS6AI score0.00511EPSS

NVD•added 2026/04/14 4:16 p.m.•1 views

CVE-2026-22828

8.1CVSS0.00901EPSS

Cvelist•added 2026/04/14 3:38 p.m.•24 views

CVE-2026-22828

8.1CVSS0.00901EPSS

CVE•added 2026/04/14 3:38 p.m.•16 views

CVE-2026-22828

A heap-based buffer overflow vulnerability affects Fortinet FortiAnalyzer Cloud 7.6.2–7.6.4 and FortiManager Cloud 7.6.2–7.6.4, enabling remote unauthenticated code execution via crafted requests. Exploitation would be effortful due to ASLR and network segmentation. CVSS 3.1 v3 base score 8.1 (HI...

Exploits0References1Affected Software2

Vulnrichment•added 2026/04/14 3:38 p.m.•1 views

CVE-2026-22828

Positive Technologies•added 2026/04/14 12:0 a.m.•2 views

PT-2026-32661

An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer...

6CVSS5.8AI score0.00413EPSS

Exploits0References3

CNNVD•added 2026/04/14 12:0 a.m.•5 views

Fortinet FortiManager Cloud和Fortinet FortiAnalyzer Cloud 安全漏洞

Fortinet FortiManager Cloud and Fortinet FortiAnalyzer Cloud are products of Fortinet, a US-based company. Fortinet FortiManager Cloud is a cloud-based network management software. Fortinet FortiAnalyzer Cloud is a cloud-based logging platform based on FortiAnalyzer. There are security...

8.1CVSS6.3AI score0.00901EPSS

Positive Technologies•added 2026/04/14 12:0 a.m.•3 views

PT-2026-32669

Name of the Vulnerable Software and Affected Versions Fortinet FortiAnalyzer Cloud versions 7.6.2 through 7.6.4 FortiManager Cloud versions 7.6.2 through 7.6.4 Description A heap-based buffer overflow allows a remote unauthenticated attacker to execute arbitrary code or commands by sending...

RedhatCVE•added 2026/03/26 3:5 p.m.•3 views

Exploits0References6

CVE-2025-68648

A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2...

7.2CVSS5.8AI score0.00571EPSS

Tenable Nessus•added 2026/03/23 12:0 a.m.•3 views

Siemens APE1808 Weak Authentication (CVE-2024-48886)

A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1...

9.8CVSS6AI score0.00462EPSS

EUVD•added 2026/03/10 6:31 p.m.•2 views

EUVD-2026-10518

An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud...

3.7CVSS5.7AI score0.00369EPSS

EUVD•added 2026/03/10 6:31 p.m.•3 views

EUVD-2026-10511

An authentication bypass using an alternate path or channel vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.2 through 7.2.11, FortiAnalyzer Cloud 7.6.0 through 7.6.3, FortiAnalyzer Cloud 7.4.0 through 7.4.7, FortiAnalyzer Cloud 7.2...

7.2CVSS5.8AI score0.00562EPSS

EUVD•added 2026/03/10 6:31 p.m.•2 views

EUVD-2025-208499

A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.7,...

7.2CVSS5.8AI score0.00571EPSS

OSV•added 2026/03/10 6:18 p.m.•3 views

CVE-2026-22629

3.7CVSS5.7AI score

NVD•added 2026/03/10 6:18 p.m.•0 views

CVE-2026-22629

3.7CVSS0.00369EPSS

NVD•added 2026/03/10 6:18 p.m.•2 views

CVE-2025-68648

7.2CVSS0.00571EPSS

OSV•added 2026/03/10 6:18 p.m.•3 views

CVE-2025-68648

A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.7,...

7.2CVSS5.8AI score

NVD•added 2026/03/10 6:17 p.m.•2 views

CVE-2025-48418

A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7,...

7.2CVSS0.0052EPSS