CRN

Fortinet Gives FortiWeb Web App Firewalls, PCI A Jolt With New Firmware

The FortiWeb 4.0 MR2 firmware update adds more protection against remote file inclusion attacks; new file upload restrictions so that new control which file types can be uploaded to Web applications, ...
The Hacker News

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw, CVE-2026-24858, now listed by CISA in KEV.
Threat Post

Unpatched Fortinet Bug Allows Firewall Takeovers

The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch this week. An unpatched OS command-injection security vulnerability has been disclosed ...