Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Fortinet FortiSandbox: Unauthorized Command Execution Risk
CVE-2026-39808
Summary
Fortinet's FortiSandbox version 4.4.0 through 4.4.8 may allow an attacker to execute unauthorized commands on your system. This is a serious issue because it could let someone access or change sensitive information. Update to the latest version to fix this risk.
Original title
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized co...
Original description
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized code or commands via <insert attack vector here>
nvd CVSS3.1
9.8
Vulnerability type
CWE-78
OS Command Injection
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026