Attackers are exploiting FortiSandbox vulnerabilities

Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products depend on for threat verdicts to enforce blocking decisions and trigger automated responses.

The warning came on Monday from threat intelligence company Defused, which said that the exploit for one of the flaws is vibecoded, and likely faulty.

The vulnerabilities

Fortinet disclosed CVE-2026-39813 and CVE-2026-39808 in April 2026.

The former is a path traversal vulnerability in FortiSandbox’s JRPC API that could be leveraged to bypass authentication on systems running FortiSandbox, while the latter is an OS command injection vulnerability that could lead to unauthenticated code/command execution.

CVE-2026-25089, an OS command injection vulnerability affecting the web user interface of FortiSandbox, FortiSandbox Cloud and FortiSandbox PaaS, may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests.

CVE-2026-25089 was disclosed a week ago, with its discovery credited to Adham El Karn of the Fortinet Product Security team.

All three flaws have been fixed by Fortinet.

Additional details about the attacks are not available, and the vendor has yet to confirm in-the-wild exploitation of these vulnerabilities.

While vulnerabilities in other Fortinet solutions are often leveraged by attackers, FortiSandbox has not historically been a common target.

But the vibecoded exploit for CVE-2026-25089 might be a sign of things to come: with AI lowering the barrier to exploit development and accelerating vulnerability research, attackers are likely to cast a wider net across disclosed vulnerabilities going forward.
