CISA has added two critical Fortinet FortiSandbox vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, warning that attackers are actively exploiting the flaws in real-world attacks. The vulnerabilities, identified as CVE-2026-39808 and CVE-2026-25089, allow unauthenticated attackers to execute unauthorized operating system commands through specially crafted HTTP requests. Both issues are classified as OS command injection [...] The post CISA Warns of Fortinet FortiSandbox OS Injection Vulnerabilities Exploited in Attacks appeared first on Cyber Security News .
Read Full ArticleThis article was originally published on cybersecuritynews. Click the button above to read the complete article.