CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/05/12 12:0 a.m.•4 views

Fortinet Fortigate Out-of-bounds access in CAPWAP daemon (FG-IR-26-123)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-123 advisory. - An Out-Of-Bounds Write vulnerability CWE-787 in FortiOS capwap daemon may allow an attacker controlling an authenticated...

8.8CVSS6AI score0.00023EPSS

EUVD•added 2026/04/14 6:30 p.m.•3 views

EUVD-2025-209452

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...

6CVSS5.9AI score0.00093EPSS

EUVD•added 2026/04/14 6:30 p.m.•0 views

EUVD-2025-209450

A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiOS 6.2.9 through 6.2.17 allows attacker to execute unauthorized code or...

6.5CVSS6AI score0.00052EPSS

NVD•added 2026/04/14 4:16 p.m.•1 views

CVE-2025-61624

6.5CVSS0.00093EPSS

NVD•added 2026/04/14 4:16 p.m.•5 views

CVE-2025-53847

8.8CVSS0.00052EPSS

Vulnrichment•added 2026/04/14 3:39 p.m.•0 views

CVE-2025-61624

6CVSS5.9AI score0.00093EPSS

CVE•added 2026/04/14 3:38 p.m.•13 views

CVE-2025-53847

CVE-2025-53847 affects Fortinet FortiOS/FortiGate: missing authentication for a critical function allows an attacker to execute unauthorized code or commands via specially crafted packets. Impact spans FortiOS versions 6.2.x (6.2.9–6.2.17), 6.4.x (all versions), 7.0.x (7.0.0–7.0.17), 7.2.x (7.2.0...

8.8CVSS6AI score0.00052EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/04/14 3:38 p.m.•0 views

CVE-2025-53847

6.5CVSS6AI score0.00052EPSS

Cvelist•added 2026/04/14 3:38 p.m.•26 views

CVE-2025-53847

6.5CVSS0.00052EPSS

Positive Technologies•added 2026/04/14 12:0 a.m.•2 views

PT-2026-32650

6.5CVSS6AI score0.00052EPSS

CNNVD•added 2026/04/14 12:0 a.m.•4 views

Fortinet FortiOS 访问控制错误漏洞

8.8CVSS6AI score0.00052EPSS

Tenable Nessus•added 2026/04/14 12:0 a.m.•1 views

Fortinet Fortigate Path Traversal in CLI (FG-IR-26-122)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-122 advisory. - An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS...

6.5CVSS5.9AI score0.00093EPSS

Positive Technologies•added 2026/04/14 12:0 a.m.•0 views

PT-2026-32652

6CVSS5.9AI score0.00093EPSS

Tenable Nessus•added 2026/04/14 12:0 a.m.•7 views

Fortinet Fortigate Missing Authentication for critical function in CAPWAP daemon (FG-IR-26-125)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-125 advisory. - A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through...

8.8CVSS6AI score0.00052EPSS

Tenable Nessus•added 2026/03/23 12:0 a.m.•3 views

Siemens APE1808 Improper Limitation of a Pathname to a Restricted Directory (CVE-2024-48884)

A improper limitation of a pathname to a restricted directory 'path traversal' in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5,...

9.1CVSS5.9AI score0.50282EPSS

Tenable Nessus•added 2026/03/23 12:0 a.m.•4 views

Siemens APE1808 Exposure of Sensitive Information to an Unauthorized Actor (CVE-2025-68686)

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions may allow a remote unauthenticated attacker to bypas...

5.9CVSS5.8AI score0.00032EPSS

Exploits1References2

Tenable Nessus•added 2026/03/23 12:0 a.m.•1 views

Siemens APE1808 Insufficient Session Expiration (CVE-2025-25252)

An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4 all versions may allow a remote attacker e.g. a former admin whose account was removed and whose session was terminated in possessi...

6.5CVSS5.8AI score0.00046EPSS

Exploits1References2

Tenable Nessus•added 2026/03/23 12:0 a.m.•2 views

Siemens APE1808 Weak Authentication (CVE-2024-48886)

A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1...

9.8CVSS6AI score0.00426EPSS

Tenable Nessus•added 2026/03/23 12:0 a.m.•4 views

Siemens APE1808 Inconsistent Interpretation of HTTP Requests (CVE-2025-55018)

An inconsistent interpretation of http requests 'http request smuggling' vulnerability in Fortinet FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4.3 through 6.4.16 may allow an unauthenticated attacker to smuggle an unlogged http request...

5.8CVSS6.1AI score0.0008EPSS