CRITICALAdvisoryJul 19, 2026
Action required
Immediately inventory all Fortinet FortiSandbox instances. Patch to the latest version or apply vendor patches for CVE-2026-39808 and CVE-2026-25089 within 24 hours. If patching is not possible, isolate affected systems from external access until remediation is complete.
Affected products
FortinetFortiSandboxFortiClient EMSCISADefused
CVE IDs
Linked articles