CVE-2026-39808 – Fortinet FortiSandbox Patch for Critical Remote Compromise Vulnerabilities

Fortinet has issued a critical patch for FortiSandbox addressing two severe vulnerabilities that could enable system-level compromise. Both CVE-2026-39813 and CVE-2026-39808 carry a CVSS score of 9.1, which is Critical severity. These flaws present a high risk to organizations relying on FortiSandbox to analyze and contain threats, as successful exploitation could undermine the integrity of the entire security workflow.

The vulnerabilities impact a core defensive system, meaning exploitation could allow attackers to bypass protections or execute malicious actions within a trusted environment. There is no verified evidence of active exploitation or public proof-of-concept code at this time, but the critical severity and exposure risk make immediate patching essential.