Three critical vulnerabilities in Fortinet's FortiSandbox product are being actively exploited by attackers, with one of the flaws, CVE-2026-39813, having been patched only recently1. Defenders have a narrow window to apply patches, as cybersecurity firm Defused Cyber has confirmed active exploitation of these vulnerabilities within a 24-hour period. Two of the vulnerabilities had patches available since April, while the third was fixed last week, indicating that the attackers are moving quickly to exploit newly patched flaws. The active exploitation of these vulnerabilities highlights the importance of prompt patching and monitoring. The fact that CVE-2026-39813 is being exploited despite being recently patched underscores the need for defenders to prioritize patching and monitoring of FortiSandbox systems. This active exploitation matters to practitioners because it emphasizes the need for swift action to protect against potential attacks, as the window for defenders to respond is rapidly shrinking.
Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack
⚡ High Priority
Why This Matters
CVE-2026-39813 is in active discussion involving Fortinet — exploitation status determines whether this is patch-now or monitor.
References
- SecurityAffairs. (2026, June 16). Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack. SecurityAffairs. https://securityaffairs.com/193709/ai/fortinet-warned-as-three-critical-fortisandbox-bugs-come-under-attack.html
Original Source
SecurityAffairs
Read original →