CISA Adds Actively Exploited Fortinet FortiSandbox Flaw to KEV Catalog
CISA has confirmed active exploitation of an OS command injection vulnerability in Fortinet FortiSandbox, mandating urgent remediation for federal agencies.
Fortinet FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS are affected by an OS command injection vulnerability, tracked as CVE-2026-25089. This security flaw, categorized as CWE-78, allows an unauthenticated attacker to execute unauthorized commands on the system by sending specifically crafted HTTP requests.
The vulnerability has been added to CISA's Known Exploited Vulnerabilities catalog as of July 16, 2026, confirming its use in real-world attacks. Federal agencies are required to apply necessary mitigations by July 19, 2026, in accordance with BOD 26-04 guidelines.
Organizations are advised to follow vendor instructions to secure their deployments. Stakeholders must evaluate the internet exposure of their assets and ensure compliance with CISA's forensics triage requirements and patching guidance. If mitigations are unavailable for cloud services, agencies should discontinue use of the product.
Continue Reading
23andMe Settles Data Privacy Claims
A multi-state settlement highlights the massive fallout from a 2023 breach that exposed sensitive genetic data for millions of customers.
LegacyHive: A New Windows Zero-Day
A persistent security researcher has unveiled a local privilege escalation bug for Windows 11, raising questions about severity.
Critical SSRF Vulnerability Discovered in stoatchat Versions Below 0.13.5
A critical server-side request forgery vulnerability in stoatchat allows unauthenticated attackers to access internal network infrastructure.