CISA Adds Fortinet FortiSandbox Command Injection Flaw to KEV Catalog
CISA has confirmed active exploitation of a command injection vulnerability in Fortinet FortiSandbox, mandating urgent remediation for federal agencies.
CISA has added CVE-2026-25089 to its Known Exploited Vulnerabilities catalog, confirming that the flaw is currently being targeted in real-world attacks. The vulnerability affects Fortinet FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS, allowing an unauthenticated attacker to execute unauthorized commands through specifically crafted HTTP requests.
Classified as CWE-78, this OS command injection vulnerability poses a significant security risk to affected systems. Federal agencies are required to apply vendor-provided mitigations by July 19, 2026, in accordance with CISA’s BOD 26-04 guidance. Stakeholders should evaluate the internet exposure of their assets and follow specific forensic triage requirements to ensure compliance.
Continue Reading
Formalizing the Vulnerability Lifecycle
International agencies are pushing software vendors to adopt standardized vulnerability disclosure frameworks for better security.
Critical Heap Corruption Flaw Discovered in illumos SCTP Stack
A critical vulnerability in the illumos SCTP inbound path allows unauthenticated remote attackers to trigger kernel heap corruption and potential code execution.
WireGuard Easy Vulnerability Allows Unauthorized Credential Recovery
A critical flaw in WireGuard Easy allows unauthenticated attackers to brute-force weak tokens and hijack VPN peer credentials.