PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here. For the recommended upgrade path, see our Upgrade Path Tool Table.

Total: 301

| PSIRT | CVE | Description | Affected Products | Updated Date | Component | Severity |
|---|---|---|---|---|---|---|
| FG-IR-26-076 OpenSSL CVE-2025-15467 | CVE-2025-15467 | CVE-2025-15467: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a... | FortiAP 7.6.3, 7.6.2, 7.6.1, 7.6.0, 7.4.6 ... FortiClientWindows 7.4.5, 7.4.4, 7.4.3, 7.4.2, 7.4.1 ... FortiNAC-F 7.6.5, 7.6.4, 7.6.3, 7.6.2, 7.6.1 ... | Mar 13, 2026 (Published: Jan 30, 2026) | OTHERS | Critical |
| FG-IR-25-934 SSL-VPN Symlink Persistence Patch Bypass | CVE-2025-68686 | An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in FortiOS SSL-VPN... | FortiOS 7.6.1, 7.6.0, 7.4.6, 7.4.5, 7.4.4 ... | Mar 12, 2026 (Published: Feb 10, 2026) | SSL-VPN | Medium |
| FG-IR-26-079 Authentication Lockout Bypass via Race Condition | CVE-2026-22629 | An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiManager and... | FortiAnalyzer 7.6.4, 7.6.3, 7.6.2, 7.6.1, 7.6.0 ... FortiAnalyzer Cloud 7.6.2, 7.4.7, 7.4.6, 7.4.5, 7.4.4 ... FortiManager 7.6.4, 7.6.3, 7.6.2, 7.6.1, 7.6.0 ... FortiManager Cloud 7.6.3, 7.6.2, 7.4.7, 7.4.6, 7.4.5 ... | Published: Mar 10, 2026 | GUI | Low |
| FG-IR-26-086 Buffer Overflow in LLDP OUI field | CVE-2026-22627 | A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability [CWE-120] in... | FortiSwitchAXFixed 1.0.1, 1.0.0 | Published: Mar 10, 2026 | OTHERS | High |
| FG-IR-26-098 Buffer overflow via fgtupdates service | CVE-2025-54820 | A Stack-based Buffer Overflow vulnerability [CWE-121] in FortiManager fgtupdates service may allow a... | FortiManager 7.4.2, 7.4.1, 7.4.0, 7.2.10, 7.2.9 ... | Published: Mar 10, 2026 | OTHERS | High |
| FG-IR-26-092 Format string vulnerability in fazsvcd | CVE-2025-68648 | A use of externally-controlled format string vulnerability [CWE-134] in FortiAnalyzer, FortiAnalyzer... | FortiAnalyzer 7.6.4, 7.6.3, 7.6.2, 7.6.1, 7.6.0 ... FortiAnalyzer Cloud 7.6.2, 7.4.7, 7.4.6, 7.4.5, 7.4.4 ... FortiManager 7.6.4, 7.6.3, 7.6.2, 7.6.1, 7.6.0 ... FortiManager Cloud 7.6.3, 7.6.2, 7.4.7, 7.4.6, 7.4.5 ... | Published: Mar 10, 2026 | API | Medium |
| FG-IR-26-078 Lack of TLS Certificate Validation during initial SSO Authentication | CVE-2025-68482 | An improper certificate validation [CWE-295] vulnerability in the FortiManager GUI may allow a remote... | FortiAnalyzer 7.6.4, 7.6.3, 7.6.2, 7.6.1, 7.6.0 ... FortiManager 7.6.4, 7.6.3, 7.6.2, 7.6.1, 7.6.0 ... | Published: Mar 10, 2026 | GUI | Medium |
| FG-IR-26-090 MFA Bypass in GUI | CVE-2026-22572 | An authentication bypass using an alternate path or channel vulnerability [CWE-288] in FortiManager and... | FortiAnalyzer 7.6.3, 7.6.2, 7.6.1, 7.6.0, 7.4.7 ... FortiManager 7.6.3, 7.6.2, 7.6.1, 7.6.0, 7.4.7 ... | Published: Mar 10, 2026 | GUI | Medium |
| FG-IR-26-096 OS command injection on vmimages update feature | CVE-2026-25836 | An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... | FortiSandbox Cloud 5.0.4 | Published: Mar 10, 2026 | GUI | Medium |
| FG-IR-26-081 Privilege escalation using undocumented CLI command | CVE-2025-48418 | An Inclusion of Undocumented Features [CWE-1242] in FortiManager and FortiAnalyzer CLI may allow a remote... | FortiAnalyzer 7.6.3, 7.6.2, 7.6.1, 7.6.0, 7.4.7 ... FortiAnalyzer Cloud 7.6.2, 7.4.7, 7.4.6, 7.4.5, 7.4.4 ... FortiManager 7.6.3, 7.6.2, 7.6.1, 7.6.0, 7.4.7 ... FortiManager Cloud 7.6.3, 7.6.2, 7.4.7, 7.4.6, 7.4.5 ... | Published: Mar 10, 2026 | CLI | Medium |
| FG-IR-26-095 SQL injection in jsonrpc api | CVE-2025-49784 | An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability... | FortiAnalyzer 7.6.4, 7.6.3, 7.6.2, 7.6.1, 7.6.0 ... FortiAnalyzer-BigData 7.6.0, 7.4.4, 7.4.3, 7.4.2, 7.4.1 ... | Published: Mar 10, 2026 | OTHERS | Medium |
| FG-IR-26-091 XSS in LDAP server option | CVE-2025-53608 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability... | FortiSandbox 5.0.2, 5.0.1, 5.0.0, 4.4.7, 4.4.6 ... | Published: Mar 10, 2026 | GUI | Medium |
| FG-IR-26-085 shell command limitation bypass by SSH local config overriding | CVE-2026-22628 | An Improper Access Control vulnerability [CWE-284] in FortiSwitchAXFixed may allow an authenticated admin... | FortiSwitchAXFixed 1.0.1, 1.0.0 | Published: Mar 10, 2026 | CLI | Medium |
| FG-IR-25-756 Authenticated Heap Overflow in SSL-VPN bookmarks | CVE-2025-57740 | A Heap-based Buffer Overflow vulnerability [CWE-122] in FortiOS, FortiPAM and FortiProxy RDP bookmark... | FortiOS 7.6.2, 7.6.1, 7.6.0, 7.4.7, 7.4.6 ... FortiPAM 1.5.0, 1.4.2, 1.4.1, 1.4.0, 1.3.1 ... FortiProxy 7.6.2, 7.6.1, 7.6.0, 7.4.3, 7.4.2 ... | Mar 04, 2026 (Published: Oct 14, 2025) | SSL-VPN | Medium |
| FG-IR-25-667 Request smuggling attack in FortiOS | CVE-2025-55018 | An HTTP request smuggling vulnerability [CWE-444] in FortiOS may allow an unauthenticated attacker to... | FortiOS 7.6.0, 7.4.9, 7.4.8, 7.4.7, 7.4.6 ... | Feb 26, 2026 (Published: Feb 10, 2026) | OTHERS | Medium |