Zero Day MonitorZDM

← Back to list

7.3

CVE-2026-22828EXPLOITEDPATCHED

Fortinet · FortiAnalyzer Cloud

CVE-2026-22828: A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2

Description

A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Successful exploitation would require a large amount of effort in preparation because of ASLR and network segmentation

Affected Products

Vendor	Product	Versions
Fortinet	FortiAnalyzer Cloud	7.6.2, 7.6.2

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
fortinet	fortimanager cloud	mitre_affected	90%

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-121

Related News (2 articles)

Tier C

VulDB6h ago

CVE-2026-22828 | Fortinet FortiAnalyzer Cloud/FortiManager Cloud up to 7.6.4 heap-based overflow (FG-IR-26-121)

→ No new info (linked only)

Tier A

Fortinet PSIRT15h ago

Heap-based buffer overflow in oftpd daemon

→ No new info (linked only)

CVSS 3.17.3 HIGH

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

7.6.5

CWECWE-122

PublishedApr 14, 2026

Last enriched7h agov2

Trending Score62

Source articles2

Independent2

Info Completeness10/14

Missing: epss, kev, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-21643EXPKEV

CVE-2026-21643: An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiC

CRITICALCVE-2026-35616EXPKEV

CVE-2026-35616: A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated atta

CRITICALCVE-2026-39808EXP

CVE-2026-39808: A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet F

CRITICALCVE-2026-39813EXP

CVE-2026-39813: A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.

HIGHCVE-2026-39815EXP

CVE-2026-39815: A improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiDD

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 14, 2026

Discovered by ZDM

Apr 14, 2026

Updated: affectedVersions, patchAvailable, exploitAvailable, activelyExploited, description

Apr 14, 2026

Actively Exploited

Apr 14, 2026

Exploit Available

Apr 14, 2026

Patch Available

Apr 14, 2026

Version History

v2

Last enriched 7h ago

v2Tier A7h ago

Updated affected versions to include 7.6.5, added patch availability, and marked the vulnerability as exploitable and actively exploited.

affectedVersionspatchAvailableexploitAvailableactivelyExploiteddescription

via Fortinet PSIRT

v17h ago

Initial creation