Critical-Vulnerability

vulnerabilities 2026-04-16
Two Critical FortiSandbox Flaws Let Unauthenticated Attackers Execute Commands and Bypass Auth
Fortinet discloses CVE-2026-39808 and CVE-2026-39813 — two CVSS 9.1 flaws in FortiSandbox allowing unauthenticated command execution and authentication bypass via crafted HTTP requests.
fortinet fortisandbox cve-2026-39808 cve-2026-39813 command-injection authentication-bypass critical-vulnerability

Two Critical FortiSandbox Flaws Let Unauthenticated Attackers Execute Commands and Bypass Auth