FortiSandbox
Coverage of FortiSandbox in the Nexus archive.
- Three critical Fortinet sandbox bugs splattered by unknown attackers
Three critical vulnerabilities in Fortinet's FortiSandbox are being actively exploited by unknown attackers. Fortinet has patched two of the flaws (CVE-2026-39813 and CVE-2026-39808) in April and a third (CVE-2026-25089) last week, all rated 9.1 on the CVSS scale. Threat intelligence firm Defused reported ongoing exploitation attempts, including unpatched vulnerabilities allowing remote code execution and authentication bypass.
- Critical Fortinet FortiSandbox flaws now exploited in attacks
Attackers are exploiting critical vulnerabilities in Fortinet's FortiSandbox cyber threat detection platform, as reported by threat intelligence company Defused.
- Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Fortinet has released security patches for critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code. The flaws are considered critical RCE vulnerabilities. Fortinet's patches address these issues to prevent potential attacks.