Fortinet FortiWeb CVE-2025-64446 patch release
Security Patch Release
Summary
Fortinet's late-October fix for FortiWeb CVE-2025-64446 matters because the flaw was already used in zero-day attacks and later landed in CISA's actively exploited catalog. The patch addressed an OS command injection issue in FortiWeb that could let an authenticated attacker execute unauthorized code. CISA then pushed federal agencies to complete remediation by November 21, 2025.
Related Happenings
CISA orders FCEB Ivanti Sentry remediation under BOD 26-04
Public Sector Action
H score: 36
First: 12.06.2026 11:26
Last: 12.06.2026 11:26
Sources 1
About this happening:
**CISA** ordered **FCEB agencies** to secure **Ivanti Sentry** within **three days** after confirming **CVE-2026-10520** is being **actively exploited**, creating immediate remedi...
CISA BOD 26-04 remediation requirements
Advisory/Mitigation
H score: 31
First: 11.06.2026 15:46
Last: 11.06.2026 15:46
Sources 1
About this happening:
CISA’s **Binding Operational Directive 26-04** forces **FCEB agencies** to speed up remediation of high-risk vulnerabilities, with some deadlines as short as **3 days** and new **...
CISA orders federal patching of Oracle WebLogic CVE-2024-21182
Public Sector Action
H score: 53
First: 02.06.2026 15:40
Last: 02.06.2026 15:40
Sources 1
About this happening:
CISA ordered **federal agencies** to patch **Oracle WebLogic Server** against **CVE-2024-21182** by **June 4**, creating an immediate remediation deadline for affected government...
CISA orders FCEB patching for CVE-2026-9082
Public Sector Action
H score: 70
First: 26.05.2026 11:46
Last: 26.05.2026 11:46
Sources 1
About this happening:
**CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...
Fortinet security patch release for CVE-2026-44277
Security Patch Release
H score: 39
First: 12.05.2026 21:23
Last: 12.05.2026 21:23
Sources 1
About this happening:
Fortinet released **security updates** for **FortiSandbox** and **FortiAuthenticator** to fix **two critical vulnerabilities** that could let an **unauthenticated attacker** execu...
Timeline
19.11.2025 15:44 2 articles · 7mo ago
Fortinet FortiWeb CVE-2025-64446 patch release
Initial Disclosure: Fortinet quietly patched **CVE-2025-64446** in **FortiWeb** in **late October 2025** after the flaw was used in **zero-day attacks**. The release gained urgency when CISA later classified the issue as actively exploited and set a federal patch deadline.
Sources:
- CISA gives govt agencies 7 days to patch new Fortinet flaw — www.bleepingcomputer.com — 19.11.2025 15:44