CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Fortinet: >> Fortiauthenticator >> 6.6.5 Security Vulnerabilities

CVE-2026-21743

A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow a read-only user to make modification to local users via a file upload to an unprotected endpoint.

CVSS Score

7.2

EPSS Score

0.0

Published

2026-02-10

CVE-2025-57823

A direct request ('forced browsing') vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and download device logs via accessing specific endpoints

CVSS Score

2.7

EPSS Score

0.0

Published

2025-12-09

Page 1

Vulnerabilities

Vulnerable Software

Fortinet: >> Fortiauthenticator >> 6.6.5 Security Vulnerabilities

Products

Pricing

Contact Us