CVE-2026-39809
A improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiCl
A improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5, FortiClientEMS 7.2.0 through 7.2.12, FortiClientEMS 7.0 all versions may allow attacker to execute unauthorized code or commands via sending crafted requests.
MEDIUM · CVSS 6.7
EPSS 0.0003
Monitor
- No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence
Sigma rules0
YARA rules0