Two critical SAML‑signature flaws (CVE‑2025‑59718/59719) let attackers bypass SSO across multiple Fortinet products Exploitation began December 12, with intruders pulling config files that expose ...

Two recently disclosed vulnerabilities discovered in Fortinet’s product portfolio have prompted a pre-holiday warning for defenders after being added to the Known Exploited Vulnerabilities (KEV) ...

The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch this week. An unpatched OS command-injection security vulnerability has been disclosed ...