Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw, CVE-2026-24858, now listed by CISA in KEV.

Fortinet has released patches for CVE-2026-24858, an authentication bypass exploited in the wild to compromise devices.

CVE-2026-24858 affects dozens of Fortinet products and has already been added to CISA’s list of known exploited ...

More work for admins on the cards as they await a full dump of fixes Things aren't over yet for Fortinet customers – the ...

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single ...

Attackers have been targeting various Fortinet products for some time. A functional security update is still missing.

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.

‘Reports have shown this vulnerability to be exploited in the wild,’ the security vendor says in an advisory Wednesday. Fortinet disclosed Wednesday that a critical-severity vulnerability affecting ...

A suspected nation-state campaign has been targeting FortiManager customers — likely including MSPs — since at least late June, according to security researchers. The attacks exploiting a ...

Fortinet has released a security advisory regarding a critical vulnerability in Fortimanager. The vulnerability in question is the one that the Fortimanager updates announced earlier this week seal.

“With the integration between FortiManager and Terraform, Fortinet and HashiCorp are enabling organizations to automate security provisioning, eliminate errors caused by misconfiguration, and simplify ...

Fortinet introduced the FortiManager-3000 system earlier this month, extending the capabilities of its FortiManager security management products to govern up to 5,000 FortiGate antivirus firewall ...