flawtinet

your most trusted vulnerable product

40+ Critical CVEs since 2024 | 60K+ Devices Affected | 10.0 Max CVSS Score | 610+ Days of Exposure
Active Campaign

"FortiBleed" — Mass Credential Compromise

Not a CVE, but too big to ignore: an ongoing campaign harvesting valid credentials from internet-facing FortiGate VPN and management interfaces via brute-force, credential-stuffing, and passive traffic monitoring. Researchers uncovered an operational server holding verified, working logins — no Fortinet zero-day or product compromise is implicated, just the time-honored tradition of exposed edge devices and reused passwords.

~86,644 devices compromised | 194 countries | Ports 443 / 4443 / 8443 / 10443 | Status: Ongoing

Recent Vulnerability Hall of Fame

| CVE ID | CVSS Score | Severity | Description | Affected Products | Status | Year |
|---|---|---|---|---|---|---|
| CVE-2026-39813 | 9.8 | Critical | Path traversal enabling privilege escalation via specially crafted HTTP requests | FortiSandbox 5.0.0-5.0.5, 4.4.0-4.4.8 | Patched | 2026 |
| CVE-2026-39808 | 9.8 | Critical | OS command injection allowing execution of unauthorized code or commands | FortiSandbox 4.4.0-4.4.8 | Patched | 2026 |
| CVE-2026-26083 | 9.8 | Critical | Missing authorization permitting unauthenticated code/command execution via HTTP requests | FortiSandbox, FortiSandbox Cloud, FortiSandbox PaaS | Patched | 2026 |
| CVE-2026-25089 | 9.8 | Critical | OS command injection enabling unauthenticated command execution via crafted HTTP requests | FortiSandbox, FortiSandbox Cloud, FortiSandbox PaaS | Patched | 2026 |
| CVE-2026-44277 | 9.8 | Critical | Improper access control allowing unauthorized code/command execution via crafted requests | FortiAuthenticator 6.5.0-6.6.8, 8.0.0-8.0.2 | Patched | 2026 |
| CVE-2026-35616 | 9.8 | Critical | Improper access control enabling unauthenticated remote code execution via crafted requests | FortiClient EMS 7.4.5-7.4.6 | Actively Exploited | 2026 |
| CVE-2026-24858 | 9.8 | Critical | FortiCloud SSO authentication bypass allowing login to devices in other accounts | FortiAnalyzer, FortiManager, FortiOS, FortiProxy, FortiWeb, FortiNAC-F | Actively Exploited | 2026 |
| CVE-2026-21643 | 9.8 | Critical | SQL injection enabling unauthenticated code/command execution via crafted HTTP requests | FortiClient EMS 7.4.4 | Actively Exploited | 2026 |
| CVE-2025-22252 | 9.8 | Critical | Missing authentication for a critical function granting administrative access | FortiOS, FortiProxy, FortiSwitchManager | Patched | 2025 |
| CVE-2025-25249 | 9.8 | Critical | Heap-based buffer overflow enabling remote code execution via crafted packets | FortiOS, FortiSASE, FortiSwitchManager | Patched | 2025 |
| CVE-2025-25256 | 9.8 | Critical | Unauthenticated OS command injection via crafted CLI requests | FortiSIEM | Patched | 2025 |
| CVE-2025-49201 | 9.8 | Critical | Weak authentication allowing remote code execution via crafted HTTP requests | FortiPAM, FortiSwitchManager | Patched | 2025 |
| CVE-2025-59719 | 9.8 | Critical | SAML signature verification flaw enabling unauthenticated FortiCloud SSO bypass | FortiWeb | Patched | 2025 |
| CVE-2025-64155 | 9.8 | Critical | OS command injection via crafted TCP request | FortiSIEM | Patched | 2025 |
| CVE-2025-25257 | 9.8 | Critical | Unauthenticated SQL injection via crafted HTTP/S requests | FortiWeb | Actively Exploited | 2025 |
| CVE-2025-32756 | 9.8 | Critical | Stack-based buffer overflow via crafted hash cookie enabling unauthenticated RCE | FortiCamera, FortiMail, FortiNDR, FortiRecorder, FortiVoice | Actively Exploited | 2025 |
| CVE-2025-59718 | 9.8 | Critical | SAML signature verification flaw enabling FortiCloud SSO authentication bypass | FortiOS, FortiProxy, FortiSwitchManager | Actively Exploited | 2025 |
| CVE-2025-64446 | 9.8 | Critical | Relative path traversal allowing unauthenticated administrative command execution | FortiWeb | Actively Exploited | 2025 |
| CVE-2025-52436 | 9.6 | Critical | Unauthenticated cross-site scripting (XSS) vulnerability | FortiSandbox | Patched | 2025 |
| CVE-2025-24472 | 8.1 | High | Authentication bypass via crafted CSF proxy requests granting super-admin privileges | FortiOS, FortiProxy | Actively Exploited | 2025 |
| CVE-2025-58034 | 7.2 | High | Authenticated OS command injection (chained with CVE-2025-64446) | FortiWeb | Actively Exploited | 2025 |
| CVE-2024-23109 | 10.0 | Critical | OS command injection via crafted API requests | FortiSIEM | Patched | 2024 |
| CVE-2024-23108 | 10.0 | Critical | OS command injection via crafted API requests enabling remote code execution | FortiSIEM | PoC Available | 2024 |
| CVE-2024-23106 | 9.8 | Critical | Improper restriction of excessive authentication attempts enabling brute force | FortiClient EMS | Patched | 2024 |
| CVE-2024-26011 | 9.8 | Critical | Missing authentication for a critical function allowing remote code execution | FortiManager, FortiPAM, FortiOS, FortiProxy | Patched | 2024 |
| CVE-2024-27782 | 9.8 | Critical | Insufficient session expiration allowing reuse of stolen session tokens | FortiAIOps 2.0.0 | Patched | 2024 |
| CVE-2024-35276 | 9.8 | Critical | Stack-based buffer overflow enabling remote code execution | FortiAnalyzer, FortiManager | Patched | 2024 |
| CVE-2024-47571 | 9.8 | Critical | Use of resource after expiration allowing improper FortiGate access with valid credentials | FortiManager 6.4.12-7.4.0 | Patched | 2024 |
| CVE-2024-48886 | 9.8 | Critical | Weak authentication enabling remote code execution via brute-force attack | FortiOS, FortiProxy, FortiManager, FortiAnalyzer | Patched | 2024 |
| CVE-2024-48887 | 9.8 | Critical | Unverified password change letting an unauthenticated attacker reset admin passwords | FortiSwitch GUI | Patched | 2024 |
| CVE-2024-50563 | 9.8 | Critical | Weak authentication enabling remote code execution via brute-force attack | FortiManager, FortiAnalyzer | Patched | 2024 |
| CVE-2024-55594 | 9.8 | Critical | Improper input handling enabling remote code execution via crafted HTTP/S requests | FortiWeb | Patched | 2024 |
| CVE-2024-21762 | 9.8 | Critical | Out-of-bounds write in SSL-VPN allowing remote code execution | FortiOS, FortiProxy | Actively Exploited | 2024 |
| CVE-2024-23113 | 9.8 | Critical | Externally-controlled format string enabling remote code execution via crafted packets | FortiOS, FortiProxy, FortiPAM, FortiSwitchManager | Actively Exploited | 2024 |
| CVE-2024-47575 | 9.8 | Critical | "FortiJump" — missing authentication on FGFM enabling remote code execution via crafted requests | FortiManager, FortiManager Cloud | Actively Exploited | 2024 |
| CVE-2024-55591 | 9.8 | Critical | Authentication bypass via Node.js websocket module granting super-admin privileges | FortiOS 7.0.0-7.0.16, FortiProxy 7.0.0-7.0.19, 7.2.0-7.2.12 | Actively Exploited | 2024 |
| CVE-2024-33507 | 9.1 | Critical | Insufficient session expiration and incorrect authorization enabling privilege escalation | FortiIsolator | Patched | 2024 |
| CVE-2024-48884 | 9.1 | Critical | Path traversal leading to privilege escalation | FortiManager, FortiOS, FortiProxy | Patched | 2024 |
| CVE-2024-48885 | 9.1 | Critical | Path traversal allowing privilege escalation | FortiRecorder, FortiWeb, FortiVoice | Patched | 2024 |
| CVE-2024-27781 | 9.0 | Critical | Authenticated cross-site scripting (XSS) vulnerability | FortiSandbox | Patched | 2024 |
| CVE-2024-31488 | 9.0 | Critical | Stored and reflected cross-site scripting (XSS) vulnerability | FortiNAC | Patched | 2024 |
| CVE-2024-47572 | 9.0 | Critical | CSV formula injection leading to unauthorized code execution | FortiSOAR 7.2.1-7.4.1 | Patched | 2024 |