Vendor scorecard
Fortinet
FortiGate firewalls and the wider Fortinet security fabric.
CPE: fortinet
Product families
8
Open in latest
268
Inferred — see methodology
Last disclosure
Jun 9, 2026
01
Product categories
8 trackedCVE volume, severity mix and the inferred latest shipping version per category.
| Category | CVEs | Volume | Severity mix | Open | Inferred latest |
|---|---|---|---|---|---|
| FortiOS/FortiGateNGFW / Network Security · SD-WAN & SASE · Secure Remote Access / VPN · Network Detection / IDS-IPSfortios, fortigate | 270 | 93 | 7.6.6HIGH | ||
| FortiManager/FortiAnalyzerNetwork Management & Monitoringfortimanager, fortianalyzer | 204 | 32 | 7.6.6HIGH | ||
| FortiWebNGFW / Network Security · Application Delivery / ADCfortiweb | 124 | 46 | 8.0.4HIGH | ||
| FortiProxyNGFW / Network Securityfortiproxy | 118 | 38 | 7.6.5HIGH | ||
| FortiClientSecure Remote Access / VPN · Zero-Trust / ZTNAforticlient, forticlient_endpoint_management_server | 91 | 28 | 7.2.4HIGH | ||
| FortiSIEM/FortiSOARNetwork Detection / IDS-IPS · Network Management & Monitoringfortisiem, fortisoar | 60 | 26 | 7.6.5HIGH | ||
| FortiNACNGFW / Network Securityfortinac | 30 | 15 | 9.4.5HIGH | ||
| FortiSwitch/FortiAPRouting & Switching · Wireless LANfortiswitch, fortiap, fortiap-s | 27 | 6 | 6.4.10HIGH |
02
Recent CVEs
12 shownMost recently published, newest first. Each ID links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-67862(opens NVD record) | Medium | 6.7 | An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0 all versions may allow an authenticated admin to execute lua scripts via crafted CLI commands. | Jun 9, 2026 |
| CVE-2026-44278(opens NVD record) | Low | 2.3 | A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via <insert attack vector here> | May 12, 2026 |
| CVE-2025-67604(opens NVD record) | Medium | 5.3 | A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow an authenticated attacker to cause a system hang via multiple specially crafted HTTP requests causing crashes. This happens if internal locks are aligned, which is out of control of the attacker. | May 12, 2026 |
| CVE-2025-53870(opens NVD record) | Medium | 6.7 | An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5, FortiAP 7.2 all versions, FortiAP 7.0 all versions, FortiAP 6.4 all versions, FortiAP-W2 7.4.0 through 7.4.4, FortiAP-W2 7.2 all versions, FortiAP-W2 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted cli command. | May 12, 2026 |
| CVE-2025-53844(opens NVD record) | High | 8.8 | A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via specially crafted packets. | May 12, 2026 |
| CVE-2025-53680(opens NVD record) | Medium | 6.7 | An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5, FortiAP 7.2 all versions, FortiAP 7.0 all versions, FortiAP 6.4 all versions, FortiAP-U 7.0.0 through 7.0.5, FortiAP-U 6.2 all versions, FortiAP-W2 7.4.0 through 7.4.4, FortiAP-W2 7.2 all versions, FortiAP-W2 7.0 all versions allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests. | May 12, 2026 |
| CVE-2026-40688(opens NVD record) | High | 7.2 | An out-of-bounds write vulnerability [CWE-787] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attacker to execute arbitrary code or command via crafted HTTP requests. | Apr 14, 2026 |
| CVE-2026-39814(opens NVD record) | Medium | 6.7 | A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.1 through 7.4.12, FortiWeb 7.2.7 through 7.2.12, FortiWeb 7.0.10 through 7.0.12 may allow attacker to execute unauthorized code or commands via <insert attack vector here> | Apr 14, 2026 |
| CVE-2026-39811(opens NVD record) | Medium | 4.9 | A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow attacker to denial of service via <insert attack vector here> | Apr 14, 2026 |
| CVE-2026-23708(opens NVD record) | High | 7.5 | A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic and precise timing to replay the request before token expiration, which raises the attack complexity. | Apr 14, 2026 |
| CVE-2026-22576(opens NVD record) | Medium | 4.3 | A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to retrieve passwords for multiple installed connectors via server address modification in connector configuration. | Apr 14, 2026 |
| CVE-2026-22574(opens NVD record) | Medium | 4.1 | A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to retrieve Service account password via server address modification in LDAP configuration. | Apr 14, 2026 |
690 CVEs · 8 product families