VDB
GCVE-110-NCSC-2026-120
GCVE-110-NCSC-2026-120
Advisory PublishedCVSS 8.1/10
A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud and FortiManager Cloud versions 7.6.2 to 7.6.4 may allow remote unauthenticated attackers to execute arbitrary code via crafted requests, though exploitation requires significant preparation due to ASLR and network segmentation.
Weaknesses (CWE)
CWE-122Heap-based Buffer OverflowCWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Risk Scores
CVSS 3.1
8.1/10
High · CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Fortinet | vers:unknown/* | — | — |
Browse GCVE Records
72,580 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.