Known vulnerabilities in Fortinet, Inc FortiSOAR

Vendor: Fortinet, Inc
Website: https://www.fortinet.com/
Total Security Bulletins: 27

Security bulletins (27)

Secuity bulletin Severity Status Published
SB2026041522: Improper Authentication in FortiSOAR Medium
Patched
15.04.2026
SB2026041521: Stored XSS in FortiSOAR Low
Patched
15.04.2026
SB2026041514: Multiple vulnerabilities in FortiSOAR Low
Patched
15.04.2026
SB2026041513: Storing passwords in a recoverable format in FortiSOAR Low
Patched Exploited
15.04.2026
SB2026041512: Storing passwords in a recoverable format in FortiSOAR Low
Patched
15.04.2026
SB2025120965: Unverified password change in FortiSOAR Medium
Patched
09.12.2025
SB2025120964: Improper access control in FortiSOAR Low
Patched
09.12.2025
SB2025101566: OS Command Injection in FortiSOAR Low
Patched
15.10.2025
SB20250812102: Cross-site scripting in FortiSOAR Low
Patched
12.08.2025
SB20250812100: Relative path traversal in FortiSOAR Low
Patched
12.08.2025
SB2025041110: Cross-site scripting in FortiSOAR Low
Patched
11.04.2025
SB2025041042: Improper Neutralization of Formula Elements in a CSV File in FortiSOAR Low
Patched
10.04.2025
SB2025041032: Observable Response Discrepancy in FortiClientEMS and FortiSOAR Medium
Patched
10.04.2025
SB2025011482: FortiSOAR update for libwebp Critical
Patched Exploited
14.01.2025
SB2024091085: Improper authorization in FortiSOAR Medium
Patched
10.09.2024
SB2024081475: Stored XSS in FortiSOAR Low
Patched
14.08.2024
SB20240611275: SQL injection in FortiSOAR Medium
Patched
11.06.2024
SB2024051534: Information disclosure in FortiSOAR content hub Low
Patched
15.05.2024
SB2023041323: Server-side template injection in FortiSOAR Medium
Patched
13.04.2023
SB2023030936: Improper access control in FortiSOAR Medium
Patched
09.03.2023


Showing elements 1 - 20 out of 27