CVE-2026-59835

EUVD-2026-43710
A exposure of resource to wrong sphere vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.3 through 4.4.8 may allow an unauthenticated attacker to access the VNC server of VMs performing scanning via network requests.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
fortinetCNA
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
fortinetfortisandbox
5.0.0 ≤
𝑥
≤ 5.0.2
CNA
fortinetfortisandbox
4.4.3 ≤
𝑥
≤ 4.4.8
CNA