Description:
Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems. An attacker could exploit these vulnerabilities by sending specially crafted requests to an affected system.
Affected Systems:
- FortiOS version 7.2.0 through 7.2.10, version 7.4.0 through 7.4.7, version 7.6.0 through 7.6.2
- FortiPortal version 7.0 (all versions), version 7.2.0 through 7.2.8, version 7.4.0 through 7.4.7
- FortiProxy version 7.2.0 through 7.2.14, version 7.4.0 through 7.4.10, version 7.6.0 through 7.6.3
- FortiSandbox version 4.4.0 through 4.4.8, version 5.0.0 through 5.0.5
- FortiSandbox Cloud version 5.0.4 through 5.0.5
- FortiSandbox PaaS version 5.0.4 through 5.0.5
For detailed information on the affected products, please refer to the "Affected Products" section of the corresponding security advisory on the vendor's website.
Impact:
Successful exploitation of the vulnerabilities could lead to remote code execution, information disclosure or security restriction bypass on an affected system.
Recommendation:
Patches for affected systems are available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate action to mitigate the risk.
More Information:
- https://fortiguard.fortinet.com/psirt/FG-IR-26-140
- https://fortiguard.fortinet.com/psirt/FG-IR-26-141
- https://fortiguard.fortinet.com/psirt/FG-IR-26-143
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67862
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25089
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-49938