[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:attackers-exploit-three-fortinet-fortisandbox-flaws-one-patched-last-week-mqgydwn4":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":15,"action_required":20,"article_ids":21,"ioc_summary":23,"source_urls":24,"status":26,"expires_at":27,"created_at":28,"updated_at":29,"articles":30},"2cbf4b28-2551-43db-bb17-5133f31cb913","Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week","attackers-exploit-three-fortinet-fortisandbox-flaws-one-patched-last-week-mqgydwn4","Fortinet FortiSandbox is under active exploitation for three critical unauthenticated RCE vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089). All three bypass authentication and allow arbitrary command execution via HTTP requests. Organizations running FortiSandbox are at immediate risk of compromise regardless of patch status.","critical","advisory",[12,13,14],"CVE-2026-39813","CVE-2026-39808","CVE-2026-25089",[16,17,18,19],"Fortinet","FortiSandbox","FortiClient EMS","Defused Cyber","Immediately patch FortiSandbox to the latest version. If patching cannot be done within 24 hours, isolate affected instances from production networks and implement network-level restrictions on FortiSandbox access.",[22],"9cda1374-5a72-4aaa-b878-2f58fd66572f",null,[25],"https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fattackers-exploit-three-fortinet.html","active","2026-06-18T18:06:02.775+00:00","2026-06-16T18:06:05.508678+00:00","2026-06-16T18:06:08.421742+00:00",[31],{"id":22,"title":6,"url":25}]