CVE-2026-26083 – Fortinet FortiAuthenticator and FortiSandbox Cloud
CVSS 9.8
CRITICAL
“When core security systems fail, they become the attacker’s strongest tool.”
Fortinet has released patches for two critical vulnerabilities affecting FortiAuthenticator and FortiSandbox Cloud. CVE-2026-44277 and CVE-2026-26083 each carry a CVSS score of 9.1, which is Critical severity. These issues expose core security infrastructure to serious risk, potentially allowing attackers to bypass protections or gain elevated access within affected environments.
The updates address high-impact weaknesses in authentication and sandboxing functions, closing off key attack vectors. There is no verified evidence of active exploitation or publicly available proof-of-concept code associated with these vulnerabilities.
Key Details
- Affected Product
- Fortinet Fortisandbox
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-862
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.