216.73.217.15

CVE-2026-26083

· Published 12/05/2026 18:16 · Modified 12/05/2026 18:57

Labels: CVE-2026-26083 2026-05-12CVE-2026-26083CWE-862[email protected]

Essential information

Published
12/05/2026 18:16
Modified
12/05/2026 18:57
Author
Creator
CVSS
9.8 CRITICAL (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all versions, FortiSandbox PaaS 22.1 all versions, FortiSandbox PaaS 21.4 all versions, FortiSandbox PaaS 21.3 all versions, FortiSandbox PaaS 5.0.0 through 5.0.1, FortiSandbox PaaS 4.4.5 through 4.4.8 may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests.

NVD status

Status
Undergoing Analysis — CVE is currently being analyzed by NVD staff, this process results in association of reference link tags, CVSS scores, CWE association, and CPE applicability statements.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
fortinet / fortisandbox cpe:2.3:a:fortinet:fortisandbox:5.0.0-5.0.1:*:*:*:*:*:*:*
fortinet / fortisandbox cpe:2.3:a:fortinet:fortisandbox:4.4.0-4.4.8:*:*:*:*:*:*:*
fortinet / fortisandbox cloud cpe:2.3:a:fortinet:fortisandbox_cloud:5.0.2-5.0.5:*:*:*:*:*:*:*
fortinet / fortisandbox paas cpe:2.3:a:fortinet:fortisandbox_paas:23.4:*:*:*:*:*:*:*
fortinet / fortisandbox paas cpe:2.3:a:fortinet:fortisandbox_paas:23.3:*:*:*:*:*:*:*
fortinet / fortisandbox paas cpe:2.3:a:fortinet:fortisandbox_paas:22.2:*:*:*:*:*:*:*
fortinet / fortisandbox paas cpe:2.3:a:fortinet:fortisandbox_paas:22.1:*:*:*:*:*:*:*
fortinet / fortisandbox paas cpe:2.3:a:fortinet:fortisandbox_paas:21.4:*:*:*:*:*:*:*
fortinet / fortisandbox paas cpe:2.3:a:fortinet:fortisandbox_paas:21.3:*:*:*:*:*:*:*
fortinet / fortisandbox paas cpe:2.3:a:fortinet:fortisandbox_paas:5.0.0-5.0.1:*:*:*:*:*:*:*
fortinet / fortisandbox paas cpe:2.3:a:fortinet:fortisandbox_paas:4.4.5-4.4.8:*:*:*:*:*:*:*

References