Every CVE whose affected-product data names Fortinet Fortiddos-f, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-39815 — CVSS 8.8 (high): A improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through…
CVE-2022-40679 — CVSS 7.8 (high): An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 5.x all versions, 6.0 all versions…
CVE-2024-45325 — CVSS 6.7 (medium): An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet…
CVE-2023-29177 — CVSS 6.7 (medium): Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and…
CVE-2022-27486 — CVSS 6.6 (medium): A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiDDoS version 5.5.0 through…
CVE-2023-25603 — CVSS 5.4 (medium): A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and…
CVE-2022-23439 — CVSS 4.7 (medium): A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via…