Find notable cyber news and cases, enriched with sources, timelines, and signals.

Fortinet FortiOS follow-on patch release for authentication bypass

Security Patch Release
First reported
Last updated
Happening score
H score 42
2 unique sources, 2 articles

Summary

Hide ▲

Fortinet is preparing FortiOS 7.4.11, 7.6.6, and 8.0.0 to fully close an authentication bypass flaw affecting FortiOS/FortiGate deployments. The follow-on release matters because earlier updates were reported to have left the issue only partially fixed. The planned fixes are expected over the coming days.

Related Happenings

Fortinet and Ivanti multi-product security patch release

Security Patch Release
H score47 First: 10.06.2026 11:50 Last: 10.06.2026 11:50 Sources 1

About this happening: **Fortinet** and **Ivanti** released patches on **Tuesday** for multiple product flaws, including **critical OS command injection** and **authentication-bypass** bugs that could e...

Latest development: 11.06.2026 09:20

Attackers are targeting Ivanti Sentry instances with CVE-2026-10520 exploitation attempts after Ivanti patched the maximum-severity OS command injection flaw in R10.5.2, R10.6.2, and R10.7.1. Shadowserver reported 19 vulnerable instances in its scans and at least 2 backdoored gateways, warning that unpatched Internet-exposed secure mobile gateways are likely compromised.

Fortinet security patch release for CVE-2026-44277

Security Patch Release
H score39 First: 12.05.2026 21:23 Last: 12.05.2026 21:23 Sources 1

About this happening: Fortinet released **security updates** for **FortiSandbox** and **FortiAuthenticator** to fix **two critical vulnerabilities** that could let an **unauthenticated attacker** execu...

SAP security patch release for CVE-2019-17571

Security Patch Release
H score42 First: 11.03.2026 14:26 Last: 11.03.2026 14:26 Sources 1

About this happening: **SAP** released security updates for **two critical flaws** in **FS-QUO** and **NetWeaver Enterprise Portal Administration**, reducing the risk of **arbitrary code execution** on...

Fortinet FortiClientEMS security update for CVE-2026-21643

Security Patch Release
H score54 First: 10.02.2026 06:38 Last: 10.02.2026 06:38 Sources 1

About this happening: Fortinet released **security updates** for **FortiClientEMS** to fix **CVE-2026-21643**, a critical **SQL injection** flaw that could let an **unauthenticated attacker** execute a...

Fortinet security patch release for CVE-2026-24858

Security Patch Release
H score51 First: 28.01.2026 06:49 Last: 28.01.2026 06:49 Sources 1

About this happening: **Fortinet** began releasing **security updates** for **CVE-2026-24858**, a critical **FortiOS** authentication-bypass flaw that also affects **FortiManager** and **FortiAnalyzer*...

Timeline

  1. 21.01.2026 19:49 3 articles · 5mo ago

    Fortinet plans follow-on FortiOS fixes for CVE-2025-59718

    Mitigation Patch Update

    Fortinet is reportedly preparing FortiOS 7.4.11, 7.6.6, and 8.0.0 over the coming days to fully patch CVE-2025-59718 after earlier FortiOS 7.4.9 and 7.4.10 updates were said to leave the authentication bypass incomplete. FortiGate admins running 7.4.9/7.4.10 reported malicious SSO logins that created local admin access, reinforcing the need for the follow-on release.

    Show sources