{"id":274570,"date":"2026-06-16T12:07:00","date_gmt":"2026-06-16T16:07:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/16\/critical-vulnerabilities-in-fortinet-fortisandbox-are-under-exploitation\/"},"modified":"2026-06-16T12:15:13","modified_gmt":"2026-06-16T16:15:13","slug":"critical-vulnerabilities-in-fortinet-fortisandbox-are-under-exploitation","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/16\/critical-vulnerabilities-in-fortinet-fortisandbox-are-under-exploitation\/","title":{"rendered":"Critical vulnerabilities in Fortinet FortiSandbox are under exploitation"},"content":{"rendered":"

Critical vulnerabilities in Fortinet FortiSandbox are under exploitation<\/a><\/p>\n

https:\/\/www.cybersecuritydive.com\/news\/critical-vulnerabilities-fortinet-fortisandbox-exploitation\/823027\/<\/a><\/p>\n

Publish Date: 2026-06-16 12:07:00<\/a><\/p>\n

Source Domain: www.cybersecuritydive.com<\/a><\/p>\n

Researchers are warning that critical vulnerabilities in Fortinet\u2019s FortiSandbox are under exploitation.<\/p>\n

Defused, a firm that tracks security vulnerabilities, on Tuesday said three separate flaws in Fortinet FortiSandbox were being exploited by attackers,\u00a0<\/span><\/span><\/span><\/span><\/span><\/span>according to a post on X<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span>.\u00a0FortiSandbox is an AI-powered tool that is used to isolate and analyze malware and zero-day threats.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

The first, an operating system command-injection vulnerability tracked as <\/span><\/span><\/span><\/span><\/span><\/span>CVE-2026-25089<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span>, was patched on June 9.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span>Fortinet said in an advisory that the flaw could allow an unauthenticated attacker to execute commands by using specially crafted HTTP requests.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

A second OS command-injection flaw, tracked as <\/span><\/span><\/span><\/span><\/span><\/span>CVE-2026-39808<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span>, could allow an attacker to execute code or commands by using specially crafted HTTP requests. That vulnerability was originally disclosed in April.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

The third flaw is a path-traversal vulnerability, tracked as <\/span><\/span><\/span><\/span><\/span><\/span>CVE-2026-39813<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span>, that allows an attacker to bypass authentication and launch an attack. It was also disclosed in April.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

No info on victims, attackers<\/h3>\n

Researchers at Defused thus far did not have information on who may be behind the attacks, and there was no information on whether customers were directly impacted or what post-exploitation activity was taking place.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

The threat activity marks the latest to face Fortinet in recent months. In April, a critical zero-day flaw in <\/span><\/span><\/span><\/span><\/span><\/span>FortiClient Endpoint Management Server<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span> was targeted in attacks. The company released an emergency hotfix.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Critical vulnerabilities in Fortinet FortiSandbox are under exploitation https:\/\/www.cybersecuritydive.com\/news\/critical-vulnerabilities-fortinet-fortisandbox-exploitation\/823027\/ Publish Date: 2026-06-16 12:07:00 Source Domain:…<\/p>\n","protected":false},"author":1,"featured_media":274571,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/95OiTyZdLNwMj1EQZxvuZoIJ7JHhLXNAsH9Mqjf_Vbs\/g:ce\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9GVE5ULTkwOS1raWZlci0wNS5qcGc=.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[20,90,89,32,57,27],"class_list":["post-274570","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-artificial-intelligence","tag-cve","tag-flaw","tag-malware","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/274570"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=274570"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/274570\/revisions"}],"predecessor-version":[{"id":274572,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/274570\/revisions\/274572"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/274571"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=274570"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=274570"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=274570"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}