Fortinet
Two Critical FortiSandbox Flaws Let Unauthenticated Attackers Execute Commands and Bypass Auth
Fortinet discloses CVE-2026-39808 and CVE-2026-39813 — two CVSS 9.1 flaws in FortiSandbox allowing unauthenticated command execution and authentication bypass via crafted HTTP requests.
CVE-2026-21643: Pre-Auth SQL Injection in FortiClient EMS 7.4.4 Under Active Exploitation — CISA Deadline Tomorrow
Critical pre-authentication SQL injection in Fortinet FortiClient EMS 7.4.4 is being actively exploited. CISA KEV remediation deadline is April 16, 2026.
FortiClient EMS Zero-Day Under Active Exploitation — Emergency Hotfixes Released (CVE-2026-35616)
Critical API authentication bypass in FortiClient EMS 7.4.5–7.4.6 is being exploited in the wild. CVSS 9.1. Hotfixes available now.
Your Firewall Is the Foothold: Q1 2026's Edge Device Exploitation Epidemic
Three months into 2026, edge devices are the dominant entry point for attackers. A deep dive into the FortiGate SSO bypass and Ivanti EPMM RCE chains, and why this pattern shows no signs of stopping.