Lucene search
K

17 matches found

The Hacker News
The Hacker News
added 2026/06/10 3:10 p.m.19 views

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure. The security flaw patched by Fortinet relates to a command injection vulnerability in FortiSandbox, FortiSandbox...

10CVSS9.6AI score0.99041EPSS
Exploits8
Cvelist
Cvelist
added 2026/06/09 2:27 p.m.117 views

CVE-2026-25089

A improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may...

9.8CVSS0.23393EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.12 views

CVE-2026-26083

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all...

9.8CVSS6.1AI score0.00733EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.17 views

EUVD-2026-29550

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all...

9.8CVSS6AI score0.00733EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 4:54 p.m.6 views

CVE-2026-26083

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all...

9.8CVSS6AI score0.00733EPSS
Exploits0References1
NCSC
NCSC
added 2026/04/15 12:23 p.m.10 views

vulnerabilities in Fortinet FortiSandbox

Fortinet has identified several vulnerabilities in FortiSandbox, including those in on-premises versions and FortiSandbox Cloud. Two of these vulnerabilities are classified as critical by Fortinet. Malicious actors can exploit these vulnerabilities through CVE-2026-39813 and CVE-2026-39808. In...

9.8CVSS6AI score0.48668EPSS
Exploits7References5
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.4 views

CVE-2026-25836

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP...

7.2CVSS6AI score0.0176EPSS
Exploits0References1
CNVD
CNVD
added 2026/03/17 12:0 a.m.3 views

Fortinet FortiSandbox Cloud OS Command Injection Vulnerability

Fortinet FortiSandbox Cloud is a malware sandbox analysis platform from US-based Fiat Fortinet. Fortinet FortiSandbox Cloud version 5.0.4 suffers from an OS command injection vulnerability. The vulnerability stems from improper neutralization of special elements in os commands and can be exploite...

7.2CVSS6AI score0.0176EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10532

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox Cloud 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests...

7.2CVSS5.9AI score0.0176EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10531

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox Cloud 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests...

7.2CVSS5.9AI score0.0176EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/10 4:44 p.m.3 views

CVE-2026-25836

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox Cloud 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests...

7.2CVSS5.9AI score0.0176EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 4:44 p.m.2 views

CVE-2026-25836

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox Cloud 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests...

7.2CVSS5.9AI score0.0176EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/10 4:44 p.m.29 views

CVE-2026-25836

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP...

7.2CVSS0.0176EPSS
Exploits0References1
CVE
CVE
added 2026/03/10 4:44 p.m.14 views

CVE-2026-25836

FortiSandbox Cloud 5.0.4 is affected by an OS command injection vulnerability. A privileged attacker with super-admin profile and CLI access can craft HTTP requests to execute arbitrary commands on the system. The CVSSv3.1 base score is 7.2 (HIGH) with network access, low attack complexity, and h...

7.2CVSS6AI score0.0176EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.9 views

Fortinet FortiSandbox Cloud 操作系统命令注入漏洞

Fortinet FortiSandbox Cloud is a malware sandbox analysis platform from US-based Fiat Fortinet. Fortinet FortiSandbox Cloud version 5.0.4 suffers from an OS command injection vulnerability. The vulnerability stems from improper neutralization of special elements in os commands and can be exploite...

7.2CVSS6AI score0.0176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.9 views

PT-2026-24248

Name of the Vulnerable Software and Affected Versions Fortinet FortiSandbox Cloud version 5.0.4 Description The system contains a flaw due to improper neutralization of special elements used in an operating system command, specifically an 'os command injection' issue. Successful exploitation may...

9CVSS6AI score0.0176EPSS
Exploits0References5
OSV
OSV
added 2025/12/09 6:15 p.m.1 views

CVE-2025-53679

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1,...

7.2CVSS6.1AI score
Exploits0References1
Rows per page
Query Builder