Two critical SAML‑signature flaws (CVE‑2025‑59718/59719) let attackers bypass SSO across multiple Fortinet products Exploitation began December 12, with intruders pulling config files that expose ...

Things aren't over yet for Fortinet customers – the security shop has disclosed yet another critical FortiCloud SSO vulnerability.… Those hoping for a reprieve following last week's patch pantomime ...

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration changes from attacks on an unpatched flaw. Fortinet has confirmed that a new ...

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...

For the second time in the past month, the U.S. cybersecurity agency issued an advisory giving government agencies just a week to remediate an exploited vulnerability in Fortinet products. The U.S.

Fortinet confirmed that a new zero-day vulnerability under exploitation was the cause of a spate of malicious logins through FortiCloud's single sign-on (SSO) feature. The cybersecurity vendor on ...

SentinelOne reports FortiGate NGFW flaws exploited in early 2026 Three critical bugs (CVE-2025-59718, -59719, -2026-24858) enabled admin access and persistence Fortinet issued patches; firms urged to ...