CVE-2026-44277

216.73.216.6

· Published 12/05/2026 18:17 · Modified 12/05/2026 18:57

Labels: CVE-2026-44277 2026-05-12 CVE-2026-44277 CWE-284 [email protected]

Essential information

Published: 12/05/2026 18:17
Modified: 12/05/2026 18:57
Author: —
Creator: —
CVSS: 9.8 CRITICAL (v3.1)
CISA KEV: No
CWE: —
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow attacker to execute unauthorized code or commands via <insert attack vector here>

NVD status

Status: Undergoing Analysis — CVE is currently being analyzed by NVD staff, this process results in association of reference link tags, CVSS scores, CWE association, and CPE applicability statements.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
fortinet / fortiauthenticator	`cpe:2.3:a:fortinet:fortiauthenticator:8.0.2:::::::*`
fortinet / fortiauthenticator	`cpe:2.3:a:fortinet:fortiauthenticator:8.0.0:::::::*`
fortinet / fortiauthenticator	`cpe:2.3:a:fortinet:fortiauthenticator:6.6.0-6.6.8:::::::*`
fortinet / fortiauthenticator	`cpe:2.3:a:fortinet:fortiauthenticator:6.5.0-6.5.6:::::::*`