If you find yourself disagreeing with this person’s actions, we encourage you not to downvote the post. Instead, kindly express your opinions in the comments. We recommend maintaining politeness and ...

Only days after Fortinet was criticized by researchers for ‘silently’ patching a zero-day vulnerability without informing its customers, it has emerged that it did the same for a second zero-day that ...

Fortinet on Tuesday disclosed a second zero-day vulnerability in its FortiWeb product line, less than a week after revealing a different flaw in its web application firewall (WAF) line had been ...

Fortinet on Tuesday announced patches for 17 vulnerabilities, including a zero-day resolved with the latest FortiWeb updates. Tracked as CVE-2025-58034 (CVSS score of 6.7), the bug is described as an ...

Fortinet may have silently patched an exploited zero-day vulnerability more than two weeks before officially disclosing the vulnerability. CVE-2025-64446 in Fortinet’s FortiWeb web application ...

Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet disclosed or rated its severity. Security researchers are warning about two ...

CVE-2025-64446 allows unauthenticated attackers to run admin commands on FortiWeb WAF systems Actively exploited in the wild; affects versions 7.0.0–8.0.1, patched in 8.0.2 CISA added it to KEV; ...

A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild. Because the vulnerability is capable of remote code execution in a pre-authentication state ...

The federal government confirmed on Friday that hackers are exploiting a vulnerability affecting Fortinet devices that has caused alarm among cybersecurity experts since early October. The ...

Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet Fortiweb Web Application Firewall (WAF) that could allow an attacker to take over admin ...