Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through ...

CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized ...

Update: In a statement to ZDNet, Fortinet criticized Rapid7 for releasing the study and said a patch would be released by the end of the month. "The security of our customers is always our first ...

Fortinet's endpoint management security server software is under fire from attackers, who are actively targeting two critical flaws, including a fresh zero-day that ...

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...

Fortinet has confirmed that attackers are already exploiting a 9.1-rated zero-day vulnerability. Emergency security update ...

Fortinet customers have been urged to update their FortiClient Enterprise Management Server (EMS) products after the vendor ...

Fortinet warns of a critical FortiClient EMS zero-day vulnerability that is currently being exploited, allowing attackers to ...

Two new maximum-severity vulnerabilities have hit Fortinet's FortiSIEM product. Tracked under the identifiers CVE-2024-23108 and CVE-2024-23109, these vulnerabilities threaten the security posture of ...

Fortinet released an emergency patch over the weekend for a critical FortiClient Enterprise Management Server (EMS) bug ...

Fortinet disclosed that it has observed exploitation of a vulnerability in its FortiClient EMS (Enterprise Management Server) ...