CVE-2026-25088 | Fortinet FortiNDR up to 7.6.2 HTTP sql injection (FG-IR-26-134)

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability categorized as critical has been discovered in Fortinet FortiNDR up to 7.0.7/7.1.1/7.2.5/7.4.9/7.6.2. Affected is an unknown function of the component HTTP Handler. The manipulation results in sql injection.

This vulnerability is reported as CVE-2026-25088. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2026-25088 | Fortinet FortiNDR up to 7.6.2 HTTP sql injection (FG-IR-26-134)

Post correlati

CVE-2025-41045 | appRain CMF 4.0.5 ethical data[sconfig][ethical_licensekey] cross site scripting

CVE-2026-5778 | wolfSSL up to 5.9.0 Authentication Tag ssl_DecodePacket integer underflow

CVE-2024-56788 | Linux Kernel up to 6.12.6 Ethernet Frame oa_tc6_prepare_spi_tx_buf_for_tx_skbs race condition

CVE-2022-24807 | Net-SNMP up to 5.9.1 OID vacmAccessTable unknown vulnerability