Tuesday , July 14 2026
5

ALERT
Fortinet Patched 11 flaws in it’s multiple products including FortiOS, FortiAnalyzer

Fortinet put out a large set of security warnings on April 14, 2026. These warnings cover 11 flaws in different products, with two marked as Critical, two as High, and seven as Medium or Low.

The reports impact FortiSandbox, FortiAnalyzer, FortiManager, FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager, urging business admins to fix the issues immediatly.

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

Critical FortiSandbox PaaS Flaws

The worst flaw in this alert is CVE-2026-39808 (FG-IR-26-100), which is a serious OS command injection issue in FortiSandbox and FortiSandbox PaaS.

Rooted in CWE-122 (Improper Neutralization of Special Elements used in an OS Command), this unauthenticated API-accessible vulnerability affects FortiSandbox versions 4.4.4 through 4.4.8 and FortiSandbox PaaS versions up to 23.4.4374.

A remote attacker who isn’t verified could use this flaw to run any commands on the system, which might allow them to take over the device.

CVE-2026-39813 (FG-IR-26-112) is also serious. It is a big path traversal problem (CWE-24) in the JRPC API of FortiSandbox.

his flaw can affect FortiSandbox versions 5.0.1 to 5.0.5. It lets attackers skip authentication checks and gain higher access without needing real credentials. This makes it one of the worst security issues in this release.

Rated High, CVE-2026-22828 (FG-IR-26-121) talks about a heap-based buffer overflow (CWE-122) in the oftpd program of FortiAnalyzer Cloud and FortiManager Cloud.

This security issue affects versions 7.6.2 to 7.6.4. It can be used by someone on the internet to run harmful code or crash the service. No login is needed, which makes it easier to exploit.

Authentication and Access Control Gaps

CVE-2025-53847 (FG-IR-26-125) shows that a key function is missing authentication in the CAPWAP daemon of FortiOS and FortiSwitchManager.

Rated Medium and easy to access without login from an internal network, the issue impacts FortiOS versions 7.4.8 to 7.6.3. This is important for companies with separate network systems.

CVE-2026-27316 (FG-IR-26-113) shows a weak protection problem with credentials (CWE-522) in FortiSandbox and FortiSandbox PaaS web interface, particularly on the LDAP setup page.

Rated Low, this flaw can be accessed from outside and needs a login. It affects FortiSandbox versions 5.0.1 to 5.0.5 and PaaS versions up to 23.4.4374. It may expose LDAP bind credentials to logged-in users who have GUI access.

Path Traversal, Cross-Site Scripting, and SQL Injection Vulnerabilities

Path Traversal, Cross-Site Scripting, and SQL Injection Risks Fortinet fixed three path traversal problems in this update. CVE-2026-25691 (FG-IR-26-115) affects FortiSandbox’s vmimages delete function, allowing logged-in GUI users to delete any directory.

CVE-2025-68649 (FG-IR-26-120) affects FortiAnalyzer, FortiAnalyzer Cloud, FortiManager, and FortiManager Cloud CLI systems in the 7.6.x and 7.4.x versions. CVE-2025-61624 (FG-IR-26-122) impacts FortiOS, FortiPAM, FortiProxy, and FortiSwitchManager CLI parts across different versions. All three have a Medium rating and need user login from inside the network.

Multiple XSS security issues were found in this release. CVE-2026-39812 (FG-IR-26-110) brings stored XSS risks in FortiSandbox and FortiSandbox PaaS versions 5.0.1 to 5.0.5. CVE-2025-61886 (FG-IR-26-109) points out a reflected XSS problem in FortiSandbox’s Operation Center interface, which can be reached by users without authentication from inside.

CVE-2025-61848 (FG-IR-26-111) is an SQL injection problem (CWE-89) found in the JSON RPC API of FortiAnalyzer and FortiManager versions 7.6.1–7.6.4, including the cloud versions. Users need to be logged in to access it, but if attackers succeed, they could change database queries.

Mitigations

Security teams should patch in this order based on how serious the issues are and how they can be attacked. Administrators should check Fortinet’s PSIRT portal for fixed versions and apply patches right away.

Check Also

Tenda

CERT/CC Alerts to Hidden Admin Backdoor in Tenda Router Firmware

Several Tenda firmware versions have a hidden backdoor that lets people gain admin access to …