Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
16 June 2026
Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber.
In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours.
CVE-2026-39813 (CVSS score: 9.1) refers to a path traversal vulnerability in FortiSandbox JRPC API that could