CVE-2025-59718 is a vulnerability tracked across 14 threat clusters and 22 intelligence report mentions on ThreatCluster. First observed December 9, 2025; most recent activity March 11, 2026.
Threat actors are actively exploiting critical authentication bypass vulnerabilities in Fortinet's FortiGate appliances, specifically CVE-2025-59718 and CVE-2025-59719. These vulnerabilities allow unauthenticated single…
On March 10, 2026, Fortinet released a security advisory addressing eleven vulnerabilities in its core products, including a high-severity stack-based buffer overflow in FortiManager (CVE-2025-54820) that allows remote…
More than 10,000 Fortinet firewalls remain exposed to a critical two-factor authentication bypass vulnerability (CVE-2020-12812) that has been actively exploited. This flaw, first disclosed in July 2020, continues to…
Fortinet has released security updates to address critical vulnerabilities (CVE-2025-59718 and CVE-2025-59719) affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager products. Users and administrators are…
Fortinet's Single Sign-On (SSO) vulnerabilities, CVE-2025-59718 and CVE-2025-59719, are being actively exploited by attackers to gain unauthorized administrative access to FortiGate firewalls. These flaws allow…
The Canadian Centre for Cyber Security has issued an alert regarding critical vulnerabilities affecting Fortinet products, specifically related to FortiCloud SSO Login Authentication Bypass. These vulnerabilities may…
A critical path-traversal vulnerability (CVE-2025-64446) in Fortinet's FortiWeb web application firewall has been exploited by threat actors since early October 2025. This flaw allows unauthenticated attackers to create…
CISA added CVE-2025-59718 to its Known Exploited Vulnerabilities catalog on December 16, 2025. Organizations are required to implement remediation measures by December 23, 2025, due to the vulnerability's active…
Ivanti has issued security updates for a critical vulnerability (CVE-2025-10573) in its Endpoint Manager (EPM) product. This flaw could allow remote, unauthenticated attackers to execute arbitrary JavaScript code,…
Fortinet has released security updates for critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO authentication. The vulnerabilities,…