Fortinet Fortisandbox Paas
7 CVEs affecting Fortinet Fortisandbox Paas. Latest disclosed: 2026-05-12. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-26083 | Critical | 9.8 | 2026-05-12 | A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, F… |
CVE-2026-39808 | Critical | 9.1 | 2026-04-14 | A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may all… |
CVE-2026-25836 | High | 7.2 | 2026-03-10 | An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox Cloud 5.0.4, FortiSandbox… |
CVE-2026-25691 | Medium | 6.2 | 2026-04-14 | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0… |
CVE-2025-61886 | Medium | 4.9 | 2026-04-14 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 thr… |
CVE-2026-39812 | Medium | 4.3 | 2026-04-14 | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox… |
CVE-2026-27316 | Low | 2.5 | 2026-04-14 | A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 throu… |