| | CVE-2017-7339 |  Fortinet | medium | 6.1 | 0.3%
| | A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an atta… | May 27, 2017 | May 13, 2026 |
| | CVE-2017-7343 | Fortinet | medium | 6.1 | 0.3%
| | An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows attacker to execute un… | May 27, 2017 | May 13, 2026 |
| | CVE-2017-7731 | Fortinet | high | 7.5 | 0.3%
| | A weak password recovery vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows attac… | May 27, 2017 | May 13, 2026 |
| | CVE-2016-8493 | Fortinet | high | 8.8 | 0.6%
| | In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe… | Jun 26, 2017 | May 13, 2026 |
| | CVE-2017-7336 | Fortinet | critical | 9.8 | 0.9%
| | A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote a… | Jul 22, 2017 | May 13, 2026 |
| | CVE-2017-7737 | Fortinet | medium | 4.9 | 0.4%
| | An information disclosure vulnerability in Fortinet FortiWeb 5.8.2 and below versions allows logged-… | Aug 10, 2017 | May 13, 2026 |
| | CVE-2017-7335 | Fortinet | medium | 5.4 | 0.3%
| | A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-… | Oct 26, 2017 | May 13, 2026 |
| | CVE-2017-7341 | Fortinet | high | 7.2 | 2.5%
| | An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10… | Oct 26, 2017 | May 13, 2026 |
| | CVE-2017-7732 | Fortinet | medium | 6.1 | 0.9%
| | A reflected Cross-Site Scripting (XSS) vulnerability in Fortinet FortiMail 5.1 and earlier, 5.2.0 th… | Oct 26, 2017 | May 13, 2026 |
| | CVE-2017-7736 | Fortinet | medium | 5.4 | 0.2%
| | A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page i… | Nov 22, 2017 | May 13, 2026 |
| | CVE-2017-14189 | Fortinet | critical | 9.8 | 0.5%
| | An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can ac… | Nov 29, 2017 | May 13, 2026 |
| | CVE-2017-7738 | Fortinet | high | 7.2 | 0.3%
| | An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and … | Dec 13, 2017 | May 13, 2026 |
| | CVE-2017-7344 | Fortinet | high | 8.1 | 1.3%
| | A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows att… | Dec 14, 2017 | May 13, 2026 |
| | CVE-2017-14184 | Fortinet | high | 8.8 | 1.6%
| | An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions… | Dec 15, 2017 | May 13, 2026 |
| | CVE-2021-36193 | Fortinet | medium | 6.7 | 0.5%
| | Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may a… | Feb 2, 2022 | Jan 13, 2026 |
| | CVE-2022-40684 | Fortinet | critical | 9.8 | 94.4%
| ⚠ KEV | An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.… | Oct 18, 2022 | Jan 14, 2026 |
| | CVE-2023-26210 | Fortinet | high | 7.8 | 0.1%
| | Multiple improper neutralization of special elements used in an os command ('OS Command Injection') … | Jun 13, 2023 | Jan 14, 2026 |
| | CVE-2023-34992 | Fortinet | critical | 10.0 | 75.9%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Oct 10, 2023 | Jan 14, 2026 |
| | CVE-2023-41680 | Fortinet | high | 7.5 | 0.1%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-41681 | Fortinet | high | 7.5 | 0.1%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-41682 | Fortinet | high | 8.1 | 0.4%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-41836 | Fortinet | low | 3.5 | 0.1%
| | An improper neutralization of input during web page generation ('cross-site scripting') vulnerabilit… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-41843 | Fortinet | high | 7.5 | 0.2%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-41844 | Fortinet | low | 3.5 | 0.4%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Dec 13, 2023 | Jan 14, 2026 |
| | CVE-2023-45587 | Fortinet | low | 3.5 | 0.4%
| | An improper neutralization of input during web page generation ('cross-site scripting') vulnerabilit… | Dec 13, 2023 | Jan 14, 2026 |
| | CVE-2024-23108 | Fortinet | critical | 10.0 | 90.4%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Feb 5, 2024 | Jan 14, 2026 |
| | CVE-2024-23109 | Fortinet | critical | 10.0 | 7.0%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Feb 5, 2024 | Jan 14, 2026 |
| | CVE-2023-41842 | Fortinet | medium | 6.7 | 0.1%
| | A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allo… | Mar 12, 2024 | Jan 14, 2026 |
| | CVE-2023-47540 | Fortinet | medium | 6.7 | 0.1%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2023-47541 | Fortinet | medium | 6.7 | 0.1%
| | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in F… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-21755 | Fortinet | high | 8.8 | 1.0%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-21756 | Fortinet | high | 8.8 | 1.0%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-23671 | Fortinet | high | 8.1 | 0.8%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-31487 | Fortinet | medium | 5.9 | 0.5%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-31491 | Fortinet | high | 8.8 | 1.1%
| | A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 throu… | May 14, 2024 | Jan 14, 2026 |
| | CVE-2024-27782 | Fortinet | high | 8.1 | 0.8%
| | Multiple insufficient session expiration weaknesses [CWE-613] vulnerability in Fortinet FortiAIOps 2… | Jul 9, 2024 | Jan 9, 2026 |
| | CVE-2024-27783 | Fortinet | high | 7.6 | 1.1%
| | Multiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps… | Jul 9, 2024 | Jan 9, 2026 |
| | CVE-2024-27784 | Fortinet | high | 8.8 | 0.6%
| | Multiple Exposure of sensitive information to an unauthorized actor weaknesses [CWE-200] vulnerabili… | Jul 9, 2024 | Jan 9, 2026 |
| | CVE-2024-27785 | Fortinet | medium | 5.4 | 0.6%
| | An improper neutralization of formula elements in a CSV File [CWE-1236] vulnerability in Fortinet Fo… | Jul 9, 2024 | Jan 9, 2026 |
| | CVE-2024-31490 | Fortinet | medium | 4.3 | 0.7%
| | An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiSandbox… | Sep 10, 2024 | Jan 14, 2026 |
| | CVE-2024-27778 | Fortinet | high | 8.8 | 0.5%
| | An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerab… | Jan 14, 2025 | Jan 14, 2026 |
| | CVE-2024-45326 | Fortinet | medium | 4.3 | 0.3%
| | An Improper Access Control vulnerability [CWE-284] vulnerability in Fortinet FortiDeceptor 6.0.0, Fo… | Jan 14, 2025 | Feb 4, 2026 |
| | CVE-2024-48884 | Fortinet | high | 7.5 | 39.3%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Jan 14, 2025 | Jan 14, 2026 |
| | CVE-2024-50566 | Fortinet | high | 7.2 | 0.3%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Jan 14, 2025 | Jan 14, 2026 |
| | CVE-2024-35280 | Fortinet | medium | 5.4 | 0.6%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Jan 15, 2025 | Feb 4, 2026 |
| | CVE-2024-48885 | Fortinet | medium | 5.3 | 0.3%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Jan 16, 2025 | Jan 14, 2026 |
| | CVE-2022-23439 | Fortinet | medium | 4.7 | 0.2%
| | A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows … | Jan 22, 2025 | Jan 14, 2026 |
| | CVE-2023-40721 | Fortinet | medium | 6.7 | 0.0%
| | A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allo… | Feb 11, 2025 | Jan 14, 2026 |
| | CVE-2024-27781 | Fortinet | high | 7.1 | 0.3%
| | An improper neutralization of input during web page generation ('cross-site scripting') vulnerabilit… | Feb 11, 2025 | Jan 14, 2026 |
| | CVE-2025-26466 | Fortinet | medium | 5.9 | 42.5%
| | A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet… | Feb 28, 2025 | Feb 10, 2026 |