Critical RCE Vulnerabilities Discovered in Fortinet Products

Critical RCE Vulnerabilities Discovered in Fortinet Products

First seen 12 May 2026, 18:44 UTC CybersecuritynewsBleepingcomputerfortiguard.fortinet.comCisecurityHkcert+27 88% similarity 72.8

Article Content

Browse articles
ThreatCluster

Fortinet has identified multiple critical vulnerabilities in its FortiSandbox and FortiAuthenticator products, which could allow unauthenticated attackers to execute arbitrary code remotely. The vulnerabilities are tracked as CVE-2026-44277 and CVE-2026-26083, both published on May 12, 2026. FortiAuthenticator's flaw stems from improper access control, while FortiSandbox suffers from a missing authorization issue. These vulnerabilities affect various versions of FortiAuthenticator and FortiSandbox, with a CVSS score of 9.1 indicating their critical nature. Although no active exploitation has been reported, Fortinet's products have been frequently targeted in the past, raising concerns about potential future attacks. Administrators are urged to apply patches immediately to mitigate risks. Fortinet's advisory emphasizes the importance of maintaining updated systems to prevent exploitation.

Key Points: • Two critical vulnerabilities in Fortinet products could allow remote code execution. • CVE-2026-44277 and CVE-2026-26083 were published on May 12, 2026, with a CVSS score of 9.1. • Fortinet recommends immediate patching of affected systems to prevent exploitation.

ThreatCluster AI

Timeline

2026-02-06
CVE-2026-21643 published
A critical vulnerability in FortiClient EMS was disclosed, later confirmed as actively exploited.
BleepingComputer
2026-04-04
CVE-2026-35616 published
An authentication bypass flaw in FortiClient EMS was disclosed and added to CISA KEV.
Heise.De
2026-05-12
CVE-2026-44277 and CVE-2026-26083 published
Fortinet disclosed two critical vulnerabilities affecting FortiSandbox and FortiAuthenticator.
Cisecurity
2026-05-12
Fortinet releases patches
Fortinet issued security updates for affected products, urging immediate application by users.
Securityaffairs.Co
2026-05-12
CVE-2025-53844 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE

Community

Browse all →