Web development

CISA Warns of Fortinet FortiSandbox OS Injection Vulnerabilities Exploited in Attacks

CISA Warns of Fortinet FortiSandbox OS Injection Vulnerabilities Exploited in Attacks

CISA has added two critical Fortinet FortiSandbox vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, warning that attackers are actively exploiting the flaws in real-world attacks. The vulnerabilities, identified as CVE-2026-39808 and CVE-2026-25089, allow unauthenticated attackers to execute unauthorized operating system commands through specially crafted HTTP requests. Both issues are classified as OS command injection [...] The post CISA Warns of Fortinet FortiSandbox OS Injection Vulnerabilities Exploited in Attacks appeared first on Cyber Security News .

Read Full Article

This article was originally published on cybersecuritynews. Click the button above to read the complete article.