CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-25089

unknowncovered by 1 sourcefirst seen 2026-06-09
CVSSv3 Score: 9.1 An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiSandbox, FortiSandbox Cloud and FortiSandbox PaaS WEB UI may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests. Revised on 2026-06-09 00:00:00

CSIRTS triage

What
An improper neutralization of special elements used in an OS command vulnerability allows unauthenticated attackers to execute unauthorized commands.
Who is affected
Users of FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI.
Urgency
Remediation is critical due to the high severity and potential for remote code execution.
Action
Apply the latest security updates from Fortinet.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-25089

Get an email if CVE-2026-25089 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-25089

CVE.org record

Embed the live status

CVE-2026-25089 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-25089 status](https://www.csirts.com/badge/CVE-2026-25089)](https://www.csirts.com/cve/CVE-2026-25089)