Lucene search
+L

1125 matches found

NCSC
NCSC
added 3 days ago14 views

Vulnerabilities exist in several Fortinet products

Fortinet has identified vulnerabilities in several versions of FortiSIEM Windows Agent and general product versions, FortiOS, FortiPAM, and FortiProxy. One vulnerability exists in the FortiSIEM Windows Agent versions 7.4.0 through 7.4.1 with the identifier CVE-2026-59841. This vulnerability allow...

7.5CVSS6.2AI score0.00291EPSS
Exploits0References4
CVE
CVE
added 4 days ago35 views

CVE-2026-59840

Fortinet FortiOS (7.6.0–7.6.2, 7.4.0–7.4.8, 7.2 all) and FortiProxy (7.6.0–7.6.5, 7.4.0–7.4.13, 7.2 all) are affected by a buffer over-read that may lead to information disclosure. Root cause described as a buffer over-read affecting multiple Fortinet products; the exact attack vector is not spec...

4.3CVSS6.1AI score0.0018EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 4 days ago4 views

CVE-2026-59840

A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.5, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all versions, FortiProxy 7.0 all...

4.3CVSS6.1AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-59840

A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.5, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all versions, FortiProxy 7.0 all...

4.3CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 4 days ago58 views

CVE-2026-23573

Technical details for CVE-2026-23573 are not publicly available in the provided documents. Monitor for updates from Fortinet PSIRTs and NVD for affected products and fixes.

6.1CVSS6.2AI score0.00291EPSS
Exploits0References1Affected Software3
CVE
CVE
added 4 days ago61 views

CVE-2026-59839

CVE-2026-59839 describes a path traversal vulnerability: improper limitation of a pathname to a restricted directory in Fortinet products, affecting FortiOS (versions 7.6.0–7.6.6, 7.4.0–7.4.9, 7.2.x, 7.0.x, 6.4.x), FortiPAM (1.8.0 down to 1.0, all 1.x releases), and FortiProxy (7.6.0–7.6.5, 7.4–7...

5.5CVSS6.2AI score0.00208EPSS
Exploits0References1Affected Software3
CVE
CVE
added 4 days ago17 views

CVE-2025-62675

The CVE-2025-62675 entry concerns an issue described as an Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Response Splitting) in Fortinet FortiOS and FortiProxy products. Affected versions are FortiOS 7.6.0–7.6.4, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiProxy 7.6...

4.3CVSS6.2AI score0.00238EPSS
Exploits0References1Affected Software2
CVE
CVE
added 4 days ago8 views

CVE-2026-59837

Fortinet vulnerability CVE-2026-59837 affects FortiOS (7.4.0–7.4.1, 7.2 all), FortiPAM (1.0–1.8.2), and FortiProxy (7.2 all, 7.4.0–7.4.13). The issue is a stack-based buffer overflow exploitable by a privileged authenticated attacker who can bypass stack protection and ASLR, via crafted HTTP requ...

6.6CVSS6.5AI score0.00578EPSS
Exploits0References1Affected Software3
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Fortinet Fortigate Buffer overread in authd and wad daemon (FG-IR-26-154)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-26-154 advisory. - A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2...

4.3CVSS6.2AI score0.00318EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago15 views

Fortinet Fortigate Header injection in Web Filter warning page (FG-IR-26-152)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-152 advisory. - An Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Response Splitting' vulnerability CWE-113 vulnerability ...

4.3CVSS6.2AI score0.00238EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58076

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.6.0 through 7.6.6 FortiOS versions 7.4.0 through 7.4.9 FortiOS version 7.2 FortiOS version 7.0 FortiOS version 6.4 FortiPAM version 1.8.0 FortiPAM versions 1.7.0 through 1.7.2 FortiPAM version 1.6 FortiPAM version 1.5 FortiP...

5.5CVSS6.2AI score0.00208EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago21 views

Fortinet Fortigate Header injection in captive portal authentication form (FG-IR-26-153)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-153 advisory. - An Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Response Splitting' vulnerability CWE-113 vulnerability ...

4.3CVSS6.2AI score0.00257EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58075

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.4.0 through 7.4.1 FortiOS versions 7.2.x FortiPAM versions 1.0 through 1.8.2 FortiProxy versions 7.4.0 through 7.4.13 FortiProxy versions 7.2.x Description A stack-based buffer overflow occurs when a privileged authenticated...

6.6CVSS6.5AI score0.00578EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.74 views

Fortinet FortiOS - Credentials Disclosure

Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests due to improper limitation of a...

9.8CVSS8.4AI score0.99999EPSS
Exploits22References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.87 views

Fortinet - Authentication Bypass

Fortinet contains an authentication bypass vulnerability via using an alternate path or channel in FortiOS 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy 7.2.0 and 7.0.0 through 7.0.6, and FortiSwitchManager 7.2.0 and 7.0.0. An attacker can perform operations on the administrative...

9.8CVSS8.6AI score0.99984EPSS
Exploits25References5
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.14 views

CVE-2025-67862

An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...

6.7CVSS5.6AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.11 views

EUVD-2025-210085

An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...

6.7CVSS5.6AI score0.00149EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 4:16 p.m.13 views

CVE-2025-67862

An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...

6.7CVSS0.00149EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 2:27 p.m.53 views

CVE-2025-67862

Technical details for CVE-2025-67862 are not publicly available in the provided documents. Monitor for updates.

6.7CVSS5.6AI score0.00149EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 2:27 p.m.12 views

CVE-2025-67862

An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...

6.7CVSS5.6AI score0.00149EPSS
Exploits0References1
Rows per page
Query Builder