Threat intelligence firm Defused Cyber has reported active exploitation of three significant vulnerabilities in Fortinet FortiSandbox: CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089. Among these, CVE-2026-39813 stands out with a high CVSS score of 9.1, indicating a severe path traversal vulnerability in the FortiSandbox JRPC API. This is particularly concerning as it allows attackers to execute arbitrary code, potentially compromising sensitive data and systems. Fortinet released a patch for one of these vulnerabilities just last week, underscoring the urgent need for organizations to remain vigilant and proactive in applying security updates.
For businesses leveraging Fortinet's security solutions, the exploitation of these vulnerabilities presents a clear and immediate risk, necessitating a thorough review of their security posture. Organizations must prioritize patch management and ensure that their FortiSandbox installations are updated to mitigate these threats. This situation highlights the critical importance of robust cybersecurity measures, as attackers increasingly target known vulnerabilities to gain unauthorized access. As the integration of AI in cybersecurity continues to advance, staying informed and responsive to emerging threats will be vital for organizations aiming to safeguard their digital assets effectively.
---
*Originally reported by [The Hacker News](https://thehackernews.com/2026/06/attackers-exploit-three-fortinet.html)*