CISA Warns of Fortinet FortiSandbox OS Injection Vulnerabilities Exploited in Attacks

CISA has added two critical Fortinet FortiSandbox vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, warning that attackers are actively exploiting the flaws in real-world attacks. The vulnerabilities, identified as CVE-2026-39808 and CVE-2026-25089, allow unauthenticated attackers to execute unauthorized operating system commands through specially crafted HTTP requests. Both issues are classified as OS command injection […]

The post CISA Warns of Fortinet FortiSandbox OS Injection Vulnerabilities Exploited in Attacks appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: