| | CVE-2025-61624 | Fortinet | medium | 6.0 | 0.1%
| | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') [CWE-22] vulnerabi… | Apr 14, 2026 | May 12, 2026 |
| | CVE-2025-61848 | Fortinet | high | 7.2 | 0.0%
| | An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2025-61886 | Fortinet | medium | 5.4 | 0.0%
| | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilit… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2025-68649 | Fortinet | medium | 6.0 | 0.1%
| | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in F… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2026-21741 | Fortinet | low | 2.4 | 0.0%
| | An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fort… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2026-21742 | Fortinet | medium | 5.7 | 0.1%
| | A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 thr… | Apr 14, 2026 | Jul 8, 2026 |
| | CVE-2026-22154 | Fortinet | medium | 4.6 | 0.0%
| | An improper neutralization of input during web page generation ('cross-site scripting') vulnerabilit… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-22155 | Fortinet | medium | 6.5 | 0.2%
| | A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 thr… | Apr 14, 2026 | Jul 8, 2026 |
| | CVE-2026-22573 | Fortinet | medium | 6.5 | 0.1%
| | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in F… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-22574 | Fortinet | medium | 4.1 | 0.0%
| | A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-22576 | Fortinet | medium | 4.3 | 0.0%
| | A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-22828 | Fortinet | high | 8.1 | 0.2%
| | A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, Fort… | Apr 14, 2026 | May 1, 2026 |
| | CVE-2026-23708 | Fortinet | high | 7.5 | 0.1%
| | A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR Pa… | Apr 14, 2026 | May 6, 2026 |
| | CVE-2026-25691 | Fortinet | medium | 6.7 | 0.1%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2026-27316 | Fortinet | low | 2.7 | 0.0%
| | A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, F… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2026-39808 | Fortinet | critical | 9.8 | 0.1%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Apr 14, 2026 | Apr 22, 2026 |
| | CVE-2026-39809 | Fortinet | medium | 6.7 | 0.0%
| | A improper neutralization of special elements used in an sql command ('sql injection') vulnerability… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39810 | Fortinet | medium | 6.0 | 0.0%
| | A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 m… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39811 | Fortinet | medium | 4.9 | 0.1%
| | A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39812 | Fortinet | medium | 4.8 | 0.0%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39814 | Fortinet | medium | 6.7 | 0.0%
| | A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 thr… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39815 | Fortinet | high | 8.8 | 0.1%
| | A improper neutralization of special elements used in an sql command ('sql injection') vulnerability… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2026-40688 | Fortinet | high | 7.2 | 0.6%
| | An out-of-bounds write vulnerability [CWE-787] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2026-31431 | Fortinet | high | 7.8 | 96.8%
| ⚠ KEV | In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_aead - Revert to … | Apr 22, 2026 | Jul 1, 2026 |
| | CVE-2026-43284 | Fortinet | high | 8.8 | 93.2%
| | In the Linux kernel, the following vulnerability has been resolved:
xfrm: esp: avoid in-place decry… | May 8, 2026 | Jul 1, 2026 |
| | CVE-2026-43500 | Fortinet | high | 7.8 | 92.6%
| | In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Also unshare DATA/RESPON… | May 11, 2026 | Jun 30, 2026 |
| | CVE-2026-25088 | Fortinet | medium | 5.1 | 0.3%
| | An improper neutralization of special elements used in an sql command ('sql injection') vulnerabilit… | May 12, 2026 | Jul 8, 2026 |
| | CVE-2025-53844 | Fortinet | high | 8.3 | 0.6%
| | A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7… | May 12, 2026 | Jul 8, 2026 |
| | CVE-2026-25690 | Fortinet | medium | 4.0 | 0.2%
| | An improper neutralization of argument delimiters in a command ('argument injection') vulnerability … | May 12, 2026 | Jul 8, 2026 |
| | CVE-2025-53681 | Fortinet | medium | 6.3 | 0.4%
| | An improper neutralization of special elements used in an SQL Command ("SQL Injection&") vulnerabili… | May 12, 2026 | Jul 8, 2026 |
| | CVE-2025-53870 | Fortinet | medium | 6.5 | 0.6%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | May 12, 2026 | Jul 8, 2026 |
| | CVE-2025-53680 | Fortinet | medium | 6.7 | 0.6%
| | An improper neutralization of special elements used in an OS command ("OS Command Injection") vulner… | May 12, 2026 | Jul 8, 2026 |
| | CVE-2025-67604 | Fortinet | medium | 5.3 | 0.1%
| | A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4,… | May 12, 2026 | May 15, 2026 |
| | CVE-2026-26083 | Fortinet | critical | 9.8 | 0.7%
| | A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4… | May 12, 2026 | Jul 8, 2026 |
| | CVE-2026-44277 | Fortinet | critical | 9.8 | 0.1%
| | A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0… | May 12, 2026 | May 28, 2026 |
| | CVE-2026-44278 | Fortinet | low | 2.3 | 0.0%
| | A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4… | May 12, 2026 | May 16, 2026 |
| | CVE-2026-44279 | Fortinet | medium | 5.5 | 0.1%
| | An improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2… | May 12, 2026 | Jun 26, 2026 |
| | CVE-2026-49938 | Fortinet | medium | 6.2 | 0.2%
| | A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2… | Jun 9, 2026 | Jul 8, 2026 |
| | CVE-2025-67862 | Fortinet | medium | 6.7 | 0.0%
| | An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerabili… | Jun 9, 2026 | Jun 11, 2026 |
| | CVE-2026-25089 | Fortinet | critical | 9.8 | 2.0%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Jun 9, 2026 | Jun 11, 2026 |