CVE-2026-25089 – Fortinet FortiSandbox OS Command Injection

CVE ID :CVE-2026-25089

Published : June 9, 2026, 4:16 p.m. | 19 minutes ago

Description :A improper neutralization of special elements used in an os command (‘os command injection’) vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-50636 – LimeSurvey RemoteControl invite_participants/remind_participants SQL Injection

CVE-2026-50635 – LimeSurvey Password Reset Host Header Injection Discloses Reset Token

CVE-2026-50512 – Microsoft PC Manager Elevation of Privilege Vulnerability

CVE-2026-50511 – Microsoft PC Manager Elevation of Privilege Vulnerability