Briefing Zero-days CVEs IOCs NewsActors Vendors Licenses Help

⌘+KWorkspace→

Real-time security intelligence — KEV, CVEs, exploits, threat actors and IOCs unified into one live view.

Sources Status API docs Licenses Help Security disclosure

Built by Kiril Urbonas

ZeroDayAttack — AppSec intelligence aggregator

52 results

For "fortinet" across CVEs, vendor advisories, threat actors, IOCs, security research, and news.

All52 Vulnerabilities46 Threat actors1 Vendor advisories0 Research4 News1 IOCs0

Vulnerabilities

CVE-2023-27997Critical· 9.8KEV22 h ago
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
CVE-2026-35616Critical· 9.8KEV22 h ago
Fortinet FortiClient EMS Improper Access Control Vulnerability
CVE-2021-44168Low

· 3.3

KEV

22 h ago

Fortinet FortiOS Arbitrary File Download

CVE-2025-24472High· 8.1KEV22 h ago

Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

CVE-2024-21762Critical· 9.8KEV22 h ago

Fortinet FortiOS Out-of-Bound Write Vulnerability

CVE-2022-41328Medium· 6.7KEV22 h ago

Fortinet FortiOS Path Traversal Vulnerability

CVE-2026-21643Critical· 9.8KEV22 h ago

Fortinet FortiClient EMS SQL Injection Vulnerability

CVE-2019-6693Medium· 6.5KEV22 h ago

Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability

CVE-2024-55591Critical· 9.8KEV22 h ago

Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

CVE-2020-12812Critical· 9.8KEV22 h ago

Fortinet FortiOS SSL VPN Improper Authentication Vulnerability

CVE-2025-32756Critical· 9.8KEV22 h ago

Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability

CVE-2026-24858Critical· 9.8KEV22 h ago

Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability

CVE-2022-42475Critical· 9.8KEV22 h ago

Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability

CVE-2022-40684Critical· 9.8KEVEXPLOIT22 h ago

Fortinet Multiple Products Authentication Bypass Vulnerability

CVE-2018-13374Medium· 4.3KEVEXPLOIT22 h ago

Fortinet FortiOS and FortiADC Improper Access Control Vulnerability

CVE-2018-13379Critical· 9.1KEVEXPLOIT22 h ago

Fortinet FortiOS SSL VPN Path Traversal Vulnerability

CVE-2023-48788Critical· 9.8KEVEXPLOIT22 h ago

Fortinet FortiClient EMS SQL Injection Vulnerability

CVE-2025-64446Critical· 9.8KEVEXPLOIT22 h ago

Fortinet FortiWeb Path Traversal Vulnerability

CVE-2025-59718Critical· 9.8KEV22 h ago

Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability

CVE-2025-25257Critical· 9.8KEVEXPLOIT22 h ago

Fortinet FortiWeb SQL Injection Vulnerability

CVE-2018-13382Critical· 9.1KEVEXPLOIT22 h ago

Fortinet FortiOS and FortiProxy Improper Authorization

CVE-2019-5591Medium· 6.5KEV22 h ago

Fortinet FortiOS Default Configuration Vulnerability

CVE-2024-23113Critical· 9.8KEV22 h ago

Fortinet Multiple Products Format String Vulnerability

CVE-2025-58034High· 7.2KEVEXPLOIT22 h ago

Fortinet FortiWeb OS Command Injection Vulnerability

CVE-2018-13383Medium· 4.3KEV22 h ago

Fortinet FortiOS and FortiProxy Out-of-bounds Write

CVE-2024-47575Critical· 9.8KEVEXPLOIT22 h ago

Fortinet FortiManager Missing Authentication Vulnerability

CVE-2023-45583Medium· 6.71 d ago

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, F

CVE-2023-36640Medium· 6.71 d ago

CVE-2026-25089Critical· 9.81 d ago

A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0

CVE-2026-49938Medium· 6.51 d ago

A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via <insert attack vector here>

CVE-2025-67862Medium· 6.71 d ago

An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS

CVE-2025-31514Low· 2.73 d ago

A insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3

CVE-2025-59719Critical· 9.84 d ago

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication

CVE-2025-58903Low· 2.74 d ago

An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3 and before 7.4.8 API allows an authenticated user to cause a Null Pointer Dereference, crashing the http daemon via a specialy crafted reques

CVE-2025-58413High· 7.54 d ago

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versio

CVE-2025-54821Low· 1.94 d ago

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM

CVE-2025-53844High· 8.84 d ago

A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via specially crafted packets.

CVE-2025-53843High· 7.54 d ago

CVE-2025-47890Low· 2.64 d ago

An URL Redirection to Untrusted Site vulnerabilities [CWE-601] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.

CVE-2025-31366Medium· 4.74 d ago

An Improper Neutralization of Input During Web Page Generation vulnerability [CWE-79] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all ve

CVE-2025-25249High· 8.14 d ago

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, F

CVE-2024-52963Low· 3.74 d ago

A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets.

CVE-2024-32122Low· 2.34 d ago

A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information disclosure via modification of LDAP server IP t

CVE-2026-40688High· 7.22026-04-15

ZDI-26-266: Fortinet FortiWeb cat_cgi_paths Out-Of-Bounds Write Remote Code Execution Vulnerability

CVE-2026-39811High· 4.92026-04-15

ZDI-26-265: Fortinet FortiWeb cgi_buf_alloc Integer Overflow Denial-of-Service Vulnerability

CVE-2026-24018High· 7.82026-03-10

ZDI-26-186: Fortinet FortiClient Link Following Local Privilege Escalation Vulnerability