THE CISA maintains the Known Exploited Vulnerabilities (KEV) Catalog, which helps organizations prioritize vulnerability management by listing exploited vulnerabilities. The catalog includes a specific vulnerability, CVE-2026-39808, affecting Fortinet FortiSandbox, allowing unauthorized code execution via crafted HTTP requests. Organizations are advised to apply mitigations according to vendor instructions and comply with CISA's BOD 26-04 guidance. The catalog can be accessed in multiple formats including CSV and JSON, and users can nominate new vulnerabilities for inclusion.
CISA adds FortiSandbox flaw CVE-2026-39808 to KEV catalogue
CyberSIXT Evidence Panel
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
CISA KEV Catalogue Adds FortiSandbox Flaw CVE-2026-25089
cybersixt.com
-
CISA adds FortiSandbox flaw CVE-2026-39808 to KEV catalogue
www.cisa.gov
-
CISA Adds CVE-2026-39808 to Known Exploited Vulnerabilities Catalogue
cybersixt.com
-
FortiSandbox Flaw Lets Hackers Run Code, CISA Warns
cybersixt.com
-
FortiBleed hijacks 30,000+ Fortinet devices across 194 countries
cybersixt.com
-
Fortinet devices breached worldwide as hackers leak credentials
cybersixt.com
-
FortiSandbox CVE-2026-39813 lets hackers bypass auth, run code
cybersixt.com
-
3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs
cybersixt.com
-
Fortinet warns of active exploits in unpatched FortiSandbox flaws
cybersixt.com
-
Fortinet FortiSandbox flaws exploited after recent patch
cybersixt.com
-
Fortinet patches CVE-2026-25089 in FortiSandbox command injection
cybersixt.com
-
Critical Vulnerabilities Patched in Fortinet, Ivanti Products
cybersixt.com
-
FortiSandbox flaw CVE-2026-25089 lets attackers run commands
cybersixt.com