Fortinet warns of critical FortiSandbox bug after public PoC appears online

Fortinet customers using FortiSandbox 4.4 should move quickly. Fortinet says CVE-2026-39808 is a critical unauthenticated OS command injection flaw that can let an attacker execute unauthorized code or commands through crafted HTTP requests. The company’s advisory says FortiSandbox 4.4.0 through 4.4.8 are affected and that users should upgrade to 4.4.9 or later. The urgency increased […] The post Fortinet warns of critical FortiSandbox bug after public PoC appears online appeared first on VPN Central.