ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
CRITICAL Vulnerabilities

Threat actors chain FortiSandbox JRPC API flaws, targeting multiple CVEs

Source headline: Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Threat level Critical
Signal strength 85/100
Source confidence 1 source
Published 2 days ago

Intelligence Summary

Defused Cyber reports active exploitation of Fortinet FortiSandbox vulnerabilities. The observed CVEs include CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089. One issue involves a high-severity path traversal condition in the FortiSandbox JRPC API. Successful exploitation could help attackers manipulate requests and potentially reach unintended access paths. Organizations using affected FortiSandbox versions should urgently review exposure and apply available patches and mitigations.

Recommended Action

Prioritize immediate review, validate exposure, and patch or mitigate affected systems.

Topics

#fortinet #fortisandbox #cve #exploitation #jrpc #path-traversal
Original reporting The Hacker News Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
Open original source

Related Pulse Signals

View all signals
Critical · Vulnerabilities F5 ships out-of-band updates to fix critical NGINX code execution flaws Critical · Vulnerabilities Splunk fixes OS command injection in AI Toolkit; Atlassian patches deps Critical · Vulnerabilities F5 addresses critical NGINX issues that could lead to code execution High · Cybersecurity Alleged credentials compromise exposed Fortinet firewall and VPN deployments