
FortiWeb actively exploited OS command injection (CVE-2025-58034)

Vulnerability

Happening score: 37 (2 unique sources, 2 articles)

Summary


FortiWeb users face a risk of unauthorized code execution after Fortinet said CVE-2025-58034 has been exploited in the wild. The flaw is an OS command injection issue that an authenticated attacker can trigger with crafted HTTP requests or CLI commands. Fortinet rates it CVSS 6.7 and has released fixes in FortiWeb 8.0.2, 7.6.6, 7.4.11, 7.2.12, and 7.0.12. The vulnerability matters because an attacker who already holds valid credentials can use it to run operating system commands on the underlying host.

Related Happenings

ChromaDB Python API exposure mitigation (CVE-2026-45829)

Advisory/Mitigation
First: 20.05.2026 01:25 Last: 20.05.2026 01:25 Sources 1

About this happening: **HiddenLayer** urged **ChromaDB** users to harden exposed deployments because **CVE-2026-45829** can still enable code execution on the **Python FastAPI** server. Until patch sta...

CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551

Public Sector Action
First: 04.02.2026 07:50 Last: 04.02.2026 07:50 Sources 1

About this happening: **CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...

FortiSIEM command injection flaw (CVE-2025-25256)

Vulnerability
First: 14.01.2026 20:51 Last: 14.01.2026 20:51 Sources 1

About this happening: **CVE-2025-25256** in **Fortinet FortiSIEM** now has **public exploit code** and technical details, raising the risk of **remote, unauthenticated code or command execution** on af...

FortiSIEM OS command injection (CVE-2025-64155)

Vulnerability
First: 14.01.2026 13:53 Last: 14.01.2026 13:53 Sources 1

About this happening: **FortiSIEM** is affected by **CVE-2025-64155**, a critical **OS command injection** flaw that can let an **unauthenticated attacker** execute code on **Super and Worker nodes**....

Latest development: 16.01.2026 12:29

Threat actors are actively exploiting CVE-2025-64155 in Fortinet FortiSIEM, with Defused reporting targeted exploitation in honeypots after public proof-of-concept exploit code was released and Horizon3.ai providing indicators of compromise for already compromised systems.

FortiGate SSL VPN active 2FA bypass (CVE-2020-12812)

Vulnerability
First: 02.01.2026 18:01 Last: 02.01.2026 18:01 Sources 1

About this happening: **Fortinet** says **CVE-2020-12812** is still being **actively exploited**, leaving **over 10,000 Fortinet firewalls** exposed to a **2FA bypass** risk. The weakness affects **For...

Timeline

  1. 19.11.2025 06:20 · 2 articles

    Fortinet warns of exploited FortiWeb CVE-2025-58034

    Initial Disclosure

    Fortinet warned that CVE-2025-58034 in FortiWeb has been exploited in the wild. The medium-severity OS command injection flaw can let an authenticated attacker execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands, and Fortinet has issued fixed releases for affected FortiWeb versions.
