CISA Adds Actively Exploited FortiSandbox Flaw to KEV Catalog
CISA has confirmed active exploitation of an OS command injection vulnerability in Fortinet FortiSandbox, requiring immediate remediation.
CISA has added CVE-2026-25089, an OS command injection vulnerability (CWE-78) affecting Fortinet FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS, to its Known Exploited Vulnerabilities catalog. The flaw allows unauthenticated attackers to execute unauthorized commands on affected systems through specifically crafted HTTP requests.
Because this vulnerability is confirmed to be under active exploitation, federal agencies must apply vendor-provided mitigations by July 19, 2026. Organizations are required to follow CISA’s BOD 26-04 guidance, which includes evaluating internet exposure and adhering to mandatory forensics triage requirements.
Continue Reading
Critical Heap Corruption Flaw Discovered in illumos SCTP Stack
A critical vulnerability in the illumos SCTP inbound path allows unauthenticated remote attackers to trigger kernel heap corruption and potential code execution.
WireGuard Easy Vulnerability Allows Unauthorized Credential Recovery
A critical flaw in WireGuard Easy allows unauthenticated attackers to brute-force weak tokens and hijack VPN peer credentials.
CISA Adds Fortinet FortiSandbox Command Injection Flaw to KEV Catalog
CISA has confirmed active exploitation of a command injection vulnerability in Fortinet FortiSandbox, mandating urgent remediation for federal agencies.