SecurityAI-assisted1 min read

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Threat intelligence firm Defused Cyber reports active exploitation of three security vulnerabilities in Fortinet's FortiSandbox product, including CVE-2026-39813 (CVSS 9.1), a critical path traversal flaw in the JRPC API. The exploitation activity has been observed within the past 24 hours, with one vulnerability reportedly patched just last week, indicating attackers are moving quickly to exploit

Utopia Tech

June 16, 2026 · 1 min read

Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours. CVE-2026-39813 (CVSS score: 9.1) refers to a path traversal vulnerability in FortiSandbox JRPC API that could

Originally published at thehackernews.com

#Cybersecurity #Fortinet #Malware #Patch-Management #Vulnerabilities #Vulnerability Exploitation

▸ Want a deeper look?

Talk to an architect about applying this to your stack.

60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.

Schedule the call

▸ Continue reading

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Talk to an architect about applying this to your stack.

More from the journal

Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware