What is CVE-2026-22629?

CVE-2026-22629 is a low-severity vulnerability in Fortinet Fortianalyzer, classified under Improper Restriction of Excessive Authentication Attempts. CVSS score: 3.4/10. Published 2026-03-10.

How severe is CVE-2026-22629?

Low severity. CVSS v3 base score is 3.4 out of 10.

Vulnerability in Fortinet Fortianalyzer

CVE-2026-22629

An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all…

EPSS: 0.001 (17.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.4 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:C.

Affected products

Fortinet Fortianalyzer — versions 7.6.0, 7.4.0, 7.2.0
Fortinet Fortianalyzer Cloud — versions 7.6.2, 7.4.1, 7.2.1
Fortinet Fortimanager — versions 7.6.0, 7.4.0, 7.2.0
Fortinet Fortimanager Cloud — versions 7.6.2, 7.4.1, 7.2.1

Weakness classification (CWE)

CWE-307 — Improper Restriction of Excessive Authentication Attempts

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-079

Frequently asked questions

What is CVE-2026-22629?: CVE-2026-22629 is a low-severity vulnerability in Fortinet Fortianalyzer, classified under Improper Restriction of Excessive Authentication Attempts. CVSS score: 3.4/10. Published 2026-03-10.
How severe is CVE-2026-22629?: Low severity. CVSS v3 base score is 3.4 out of 10.