Cyber Resilience

← All vendors

Fortinet

CPE vendor key: fortinet · 371 CVEs published in the last 24 months.

CVEs (365 d)
169
▼ -8 vs prior 30d
Avg CVSS (365 d)
6.85
over 169 CVEs
Avg EPSS pct (365 d)
0.34
higher = more likely exploited
KEV hit rate (365 d)
4.1%
7 of 169 added to CISA KEV
LLM-credited CVEs
0
 

Monthly CVE volume — last 24 months

202420252026052
Each point is one calendar month. Bars in the severity card to the right slice the same volume by CVSS band.

Severity mix

CritHighMedLow
Stacked by CVSS band (Critical / High / Medium / Low) using the best available metric per CVE.

Top affected products (24 mo)

fortios
89
fortimanager
56
fortiproxy
46
fortianalyzer
46
fortiweb
42
forticlient
28
fortimanager_cloud
27
fortisandbox
26
fortisoar
20
fortivoice
18
Distinct CVEs that include each product in their CPE configuration.

Top CWEs (24 mo)

CWE-78
39
CWE-22
25
CWE-79
24
CWE-89
20
CWE-284
16
CWE-787
16
CWE-121
14
CWE-23
12
CWE-200
11
CWE-295
9
Distinct CVEs assigned each weakness.

Recent CISA KEV adds (last 12 months)

AddedCVEProductKEV name
2026-04-13CVE-2026-21643FortiClient EMSFortinet FortiClient EMS SQL Injection Vulnerability
2026-04-06CVE-2026-35616FortiClient EMSFortinet FortiClient EMS Improper Access Control Vulnerability
2026-01-27CVE-2026-24858Multiple ProductsFortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability
2025-12-16CVE-2025-59718Multiple ProductsFortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability
2025-11-18CVE-2025-58034FortiWebFortinet FortiWeb OS Command Injection Vulnerability
2025-11-14CVE-2025-64446FortiWebFortinet FortiWeb Path Traversal Vulnerability
2025-07-18CVE-2025-25257FortiWebFortinet FortiWeb SQL Injection Vulnerability
Filtered to KEV rows where the CISA vendor name matches this vendor, to drop cross-OS noise (e.g. third-party Windows apps that CPE-map to Microsoft).

LLM-credited CVEs from this vendor

No LLM-credited CVEs for this vendor yet.

From mythos_attributed_cves: CVEs whose NVD description or vendor advisory credits an LLM-assisted discovery. Confidence is high for every row.

Generated 19 June 2026 13:18 UTC <span class="time-ago" data-iso="2026-06-19T13:18:30Z"></span>.