Fortinet has issued patches for two critical flaws, CVE-2026-44277 in FortiAuthenticator and CVE-2026-26083 in FortiSandbox, both of which could let unauthenticated attackers execute unauthorized commands or code. The company said FortiAuthenticator Cloud is not affected, while the updates come amid a history of Fortinet products being targeted in active exploitation and ransomware attacks. #FortiAuthenticator #FortiSandbox #Fortinet #CVE-2026-44277 #CVE-2026-26083
Keypoints
- Fortinet patched two critical vulnerabilities in FortiAuthenticator and FortiSandbox.
- CVE-2026-44277 could allow unauthorized code or command execution in FortiAuthenticator.
- CVE-2026-26083 could enable remote code execution in FortiSandbox systems.
- FortiAuthenticator Cloud is not impacted by the vulnerability.
- Fortinet products have been frequently targeted in exploitation and ransomware campaigns.