CVE-2026-45630

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users to execute arbitrary system commands on remote servers via unsanitized echo shell interpolation...

CVE-2026-26083

CVE-2026-26083 describes a missing authorization vulnerability in Fortinet FortiSandbox products (versions ranging from FortiSandbox 4.4.x/5.0.x to FortiSandbox Cloud 5.0.2–5.0.5 and FortiSandbox PaaS 21.3–23.4, including 22.1–22.2, 5.0.0–5.0.1, and 4.4.5–4.4.8). The issue allows an unauthenticat...

CVE-2025-59808

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....