8.6
CVE-2026-34622 - Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollโฆ
Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of tโฆ
6.3
CVE-2026-34626 - Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollโฆ
Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary file system read in the context of the current user. Exploitation ofโฆ
5.4
CVE-2025-61624 - Fortinet Path Traversal Allowing Arbitrary File Write
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') [CWE-22] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions, Forโฆ
5.4
CVE-2025-68649 - Path Traversal Allows Privileged Attacker to Delete Files in FortiAnalyzer and FortiManager
An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Clโฆ
2.2
CVE-2026-21741 - Open Redirect via Crafted CSV in Fortinet FortiNACโF
An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may allow a remote privileged attacker with system administrator role to redirect users to an arbitrary wโฆ
9.1
CVE-2026-39813 - Privilege Escalation via Path Traversal in FortiSandbox
A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via <insert attack vector here>
6.8
CVE-2025-61848 - SQL Injection via API in FortiAnalyzer and FortiManager Allows Code Execution
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyโฆ
7.3
CVE-2026-22828 - Heap Based Buffer Overflow in Fortinet FortiAnalyzer Cloud and FortiManager Cloud Allowing Remote Cโฆ
A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Successful exploitation would require a large aโฆ
7.9
CVE-2026-39815 - SQL Injection in FortiDDoS-F Enabling Unauthorized Code Execution
A improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests
6.2
CVE-2026-22573 - Path Traversal Vulnerability in FortiSOAR Allowing Remote Authenticated File Access
An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5 all versions, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-pโฆ