Buffer Over-read Vulnerability in Fortinet FortiOS and FortiProxy Products
CVE-2026-59840
4.1MEDIUM
Key Information:
- Vendor
Fortinet
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-59840?
A buffer over-read vulnerability exists in Fortinet's FortiOS and FortiProxy products, potentially allowing an attacker to access sensitive information. This issue affects multiple versions of FortiOS (from 7.6.0 to 7.6.2, 7.4.0 to 7.4.8, and all versions of 7.2) and FortiProxy (from 7.6.0 to 7.6.5, 7.4.0 to 7.4.13, and all versions of 7.2). The vulnerability may be exploited to disclose information that should remain confidential, emphasizing the need for users to apply recommended security measures. For further details, please refer to the official Fortinet advisory.
Affected Version(s)
FortiOS 7.6.0 <= 7.6.2
FortiOS 7.4.0 <= 7.4.8
FortiOS 7.2.0 <= 7.2.13