What is CVE-2026-25815?

CVE-2026-25815 is a low-severity vulnerability in Fortinet Fortios, classified under CWE-1394. CVSS score: 3.2/10. Published 2026-02-05.

How severe is CVE-2026-25815?

Low severity. CVSS v3 base score is 3.2 out of 10.

Vulnerability in Fortinet Fortios

CVE-2026-25815

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 (by default, the encryption key is the same across all customers' insta…

EPSS: 0.000 (0.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.2 (Low). Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N.

Affected products

Fortinet Fortios — versions 0

Weakness classification (CWE)

CWE-1394

References

www.cert.at/en/blog/2026/1/threat-actors-use-forticloud-to-collect-ldap-connect…
docs.fortinet.com/document/fortimanager/7.6.6/administration-guide/30332/managi…

Frequently asked questions

What is CVE-2026-25815?: CVE-2026-25815 is a low-severity vulnerability in Fortinet Fortios, classified under CWE-1394. CVSS score: 3.2/10. Published 2026-02-05.
How severe is CVE-2026-25815?: Low severity. CVSS v3 base score is 3.2 out of 10.