CVE-2026-40688 Fortinet — Exploit & Vulnerability Details HIGH

Parameter	Value
CVSS	7.2 (HIGH)
Type	CWE-787 (Out-of-bounds Write)
Vendor	Fortinet
Public PoC	No

An out-of-bounds write vulnerability [CWE-787] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attacker to execute arbitrary code or command via crafted HTTP requests.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-787 Out-of-bounds Write

References 1

https://fortiguard.fortinet.com/psirt/FG-IR-26-127

psirt@fortinet.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-39815

Fortinet

8.8

CVE-2026-39814

Fortinet

6.7

CVE-2026-39813

Fortinet

9.8

CVE-2026-39812

Fortinet

4.8

CVE-2026-39811

Fortinet

4.9

Menu

CVE-2026-40688

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-39815

CVE-2026-39814

CVE-2026-39813

CVE-2026-39812

CVE-2026-39811

CVE Details

Editor's Choice

Menu

CVE-2026-40688

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-39815

CVE-2026-39814

CVE-2026-39813

CVE-2026-39812

CVE-2026-39811

CVE Details

Editor's Choice

Stay informed on cybersecurity