Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. Tracked as CVE-2025-58034, this web application firewall ...

The U.S. cybersecurity agency issued an advisory giving government agencies just a week to remediate the issue that Fortinet says has been exploited in attacks. The U.S. Cybersecurity and ...

Fortinet has confirmed that it has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now "massively exploited in the wild." The flaw was silently ...

A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild. Because the vulnerability is capable of remote code execution in a pre-authentication state ...

Fortinet has issued an urgent patch for a high-severity vulnerability in FortiWeb which is apparently being abused in the wild. FortiWeb is the company’s dedicated web application firewall (WAF), ...

The cybersecurity vendor confirmed Friday that the flaw has been ‘exploited in the wild on FortiWeb.’ Fortinet confirmed Friday that a critical-severity vulnerability affecting its web application ...

On Thursday last week, Fortinet released security updates – the most serious vulnerability affects FortiWeb. Attackers can exploit an SQL injection vulnerability in non-updated systems. IT researchers ...

Only days after Fortinet was criticized by researchers for ‘silently’ patching a zero-day vulnerability without informing its customers, it has emerged that it did the same for a second zero-day that ...

Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet disclosed or rated its severity. Security researchers are warning about two ...