Fortinet Fortigate LDAP authentication bypass in Agentless VPN and FSSO (FG-IR-25-1052)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-1052 advisory. - An Authentication Bypass by Primary Weakness vulnerability CWE-305 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4 m...

Fortinet Fortigate Format String in CAPWAP fast-failover mode (FG-IR-25-795)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-795 advisory. - A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through...

PT-2026-7276

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 7.0 through 7.2.11 Fortinet FortiOS versions 7.4.0 through 7.4.9 Fortinet FortiOS versions 7.6.0 through 7.6.4 Description An issue exists in Fortinet FortiOS where a use of externally-controlled format string can all...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a security operating system developed by Fortinet Corporation, specifically for use on the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus protection, IPSec/SSLVPN, web content filtering, and...

Fortinet FortiOS 环境问题漏洞

Fortinet FortiOS is a security operating system developed by Fortinet Corporation, specifically for use on the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus protection, IPSec/SSL VPN, web content filtering, and...

PT-2026-7274

An Improper Verification of Source of a Communication Channel vulnerability CWE-940 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions may allow an authenticated user with knowledge of FSSO policy configurations t...

Fortinet FortiOS 格式化字符串错误漏洞

Fortinet FortiOS is a security operating system developed by Fortinet Corporation, specifically for use on the FortiGate network security platform. This system provides users with various security features such as firewalls, antivirus protection, IPSec/SSLVPN, web content filtering, and anti-spam...

Fortinet Fortigate (FG-IR-25-667)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-667 advisory. - An inconsistent interpretation of http requests 'http request smuggling' vulnerability in Fortinet FortiOS 7.6.0, FortiOS...

PT-2026-7281

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 7.6.0 through 7.6.4 Description An authentication bypass issue exists in Fortinet FortiOS. This flaw may allow an unauthenticated attacker to bypass LDAP authentication for Agentless VPN or Fortinet Single Sign-On FSS...

Fortinet Fortigate Firewall policy bypass in FSSO Terminal Services Agent (FG-IR-25-384)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-384 advisory. - An Improper Verification of Source of a Communication Channel vulnerability CWE-940 vulnerability in Fortinet FortiOS 7.6.0...

PT-2026-7273

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 6.4.3 through 6.4.16 Fortinet FortiOS versions 7.0 all versions Fortinet FortiOS versions 7.2 all versions Fortinet FortiOS versions 7.4.0 through 7.4.9 Fortinet FortiOS version 7.6.0 Description An issue exists in th...

PT-2026-7277

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 6.4 through 7.6.1 Description A flaw exists in Fortinet FortiOS that could allow an unauthorized actor to access sensitive information. Successful exploitation requires prior compromise of the product at the filesyste...

Fortinet FortiOS 信息泄露漏洞

Fortinet FortiOS is a security operating system developed by the American company Fortinet, specifically designed for use on the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus protection, IPSec/SSLVPN, web content...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a security operating system developed by the American company Fortinet, specifically designed for use with the FortiGate network security platform. This system offers users various security features, including firewalls, antivirus protection, IPSec/SSLVPN, web content filterin...

Fortinet Fortigate SSL-VPN Symlink Persistence Patch Bypass (FG-IR-25-934)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-934 advisory. - An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 vulnerability in Fortinet FortiOS 7.6.0...

CVE-2026-25815

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 by default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...

EUVD-2026-5525

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 by default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...

CVE-2026-25815

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 by default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...

CVE-2026-25815

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 by default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...

CVE-2026-25815

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 by default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...