Back to Feed
VulnerabilitiesJul 15, 2026

Vulnerabilities Patched by Fortinet, Ivanti, ServiceNow

Fortinet, Ivanti, and ServiceNow patch 15 vulnerabilities including critical RCE in ServiceNow AI.

Summary

ServiceNow, Ivanti, and Fortinet released patches for a combined 15 vulnerabilities across their platforms. ServiceNow addressed a critical remote code execution flaw (CVE-2026-6875, CVSS 9.5) in its AI platform that requires no authentication. Ivanti fixed two vulnerabilities in Xtraction, while Fortinet published 12 patches across multiple products including FortiOS, FortiAuthenticator, and FortiSandbox. No active exploitation has been reported for any of these flaws.

Full text

Fortinet, Ivanti, and ServiceNow on Tuesday rolled out patches for 15 vulnerabilities across their products. ServiceNow resolved a critical remote code execution (RCE) flaw in the ServiceNow AI platform that can be exploited without authentication. The bug is tracked as CVE-2026-6875 (CVSS score of 9.5). “ServiceNow addressed this vulnerability by deploying a security update to hosted instances. Relevant security updates have also been provided to ServiceNow self-hosted customers and partners,” the company said. Ivanti released fixes for two security defects in its data aggregation and visualization tool Xtraction, tracked as CVE-2026-14902 and CVE-2026-14903. A medium-severity open redirect and a high-severity path traversal, the weaknesses could allow attackers to redirect users to arbitrary external URLs and read arbitrary files outside the web root. ServiceNow and Ivanti say they are not aware of the addressed vulnerabilities being exploited in the wild.Advertisement. Scroll to continue reading. On Tuesday, Fortinet published 11 security advisories detailing 12 vulnerabilities in FortiOS, FortiProxy, FortiSASE, FortiSIEM, FortiClient EMS, FortiAuthenticator, FortiPAM, FortiSwitch Manager, FortiSwitch-Manager Agentless SSL-VPN, and FortiSandbox. The most severe of these flaws are high-severity bugs in FortiAuthenticator and FortiSandbox that could be exploited by remote unauthenticated attackers to retrieve sensitive information and access the VNC server of VMs performing scanning. Fortinet also fixed medium- and low-severity issues leading to memory leaks, command execution, arbitrary header injection, interception and modification of authentication requests, impersonation of an AD Connector via a valid API Key, deletion of the file system, and code execution. The company makes no mention of any of these security defects being exploited in attacks. Related: Progress Confirms Zero-Day Vulnerability Behind ShareFile Disruption Related: ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Rockwell Related: Critical Vulnerabilities Patched With Fresh Chrome 150, Firefox 152 Updates Related: SonicWall Issues Urgent SMA Patch Warning for Two Zero-Day Exploits Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Ionut Arghire Adobe Patches Critical ColdFusion VulnerabilitiesSAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce CloudUS, Allies Warn of Russian Cyberattacks Targeting Critical Infrastructure RoutersMultiple Jscrambler Packages Impacted by Supply Chain AttackRabbitMQ Vulnerability Threatens Enterprise SystemsZimbra Patches Critical Code Execution VulnerabilityOrganizations Warned of Exploited Joomla Extension VulnerabilitiesProgress Prompts ShareFile Storage Zone Controller Shutdown Amid Security Concerns Latest News US Charges Russian Individuals and Firms for Running Cybercrime ServicesWhite House Launches AI-Driven ‘Gold Eagle’ Vulnerability Coordination InitiativeProgress Confirms Zero-Day Vulnerability Behind ShareFile DisruptionICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, RockwellCritical Vulnerabilities Patched With Fresh Chrome 150, Firefox 152 UpdatesSonicWall Issues Urgent SMA Patch Warning for Two Zero-Day ExploitsMicrosoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-DaysSynopsys Finds No Evidence of Data Breach Amid Bosch Hack Claims Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Why Email Security Keeps Failing (And What Has to Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 15, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the MoveF5 has appointed Cathy Peterman as Chief People Officer.Sean Murphy has joined F5 as a Field Chief Information Security Officer - North America.CodeHunter has appointed Stephen McCarney as Chief Strategy Officer.More People On The MoveExpert Insights The Shift Toward Business-Aligned Risk Management Moving from isolated, technical data to a continuous risk lifecycle can help organizations align security controls with actual business consequences. (Steve Durbin) How to Conduct a Successful Audit of AI-Driven Software Development As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production. (Matias Madou) Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. (Joshua Goldfarb) The AI Token Costs That Can Break Cybersecurity As cybersecurity platforms embrace agentic AI, organizations must balance detection performance against the escalating costs of token consumption, deployment architecture, and AI credits. (Danelle Au) When Information Becomes the Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) Flipboard Reddit Whatsapp Whatsapp Email

Indicators of Compromise

  • cve — CVE-2026-6875
  • cve — CVE-2026-14902
  • cve — CVE-2026-14903

Entities

ServiceNow (vendor)Ivanti (vendor)Fortinet (vendor)ServiceNow AI platform (product)Ivanti Xtraction (product)FortiOS (product)