Fortinet Fortianalyzercloud

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Fortinet Fortianalyzercloud.

By the Year

In 2026 there have been 5 vulnerabilities in Fortinet Fortianalyzercloud with an average score of 5.9 out of ten. Last year, in 2025 Fortianalyzercloud had 1 security vulnerability published. That is, 4 more vulnerabilities have already been reported in 2026 as compared to last year. Last year, the average CVE base score was greater by 0.62

Year	Vulnerabilities	Average Score
2026	5	5.88
2025	1	6.50

It may take a day or so for new Fortianalyzercloud vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Fortinet Fortianalyzercloud Security Vulnerabilities

FortiAnalyzer/Manager 7.x/Cloud auth bypass via race condition (CVE-2026-22629)
CVE-2026-22629 3.4 - Low - March 10, 2026

An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4 all versions, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4 all versions, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions, FortiManager Cloud 7.6.0 through 7.6.4, FortiManager Cloud 7.4 all versions, FortiManager Cloud 7.2 all versions, FortiManager Cloud 7.0 all versions, FortiManager Cloud 6.4 all versions may allow an attacker to bypass bruteforce protections via exploitation of race conditions. The latter raises the complexity of practical exploitation.

Improper Restriction of Excessive Authentication Attempts

Fortinet FortiAnalyzer/Manager 7.x6.4 Priv Esc via Hidden CLI Cmd
CVE-2025-48418 6.4 - Medium - March 10, 2026

A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2.1 through 7.2.10, FortiAnalyzer Cloud 7.0.1 through 7.0.14, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.0 through 7.2.10, FortiManager 7.0.0 through 7.0.14, FortiManager 6.4 all versions, FortiManager Cloud 7.6.2 through 7.6.3, FortiManager Cloud 7.4.1 through 7.4.7, FortiManager Cloud 7.2.1 through 7.2.10, FortiManager Cloud 7.0.1 through 7.0.14, FortiManager Cloud 6.4 all versions may allow a remote authenticated read-only admin with CLI access to escalate their privilege via use of a hidden command.

Hidden Functionality

FortiAnalyzer/Manager Cert Validation Flaw 7.x & 6.x MitM
CVE-2025-68482 6.3 - Medium - March 10, 2026

A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to view confidential information via a man in the middle [MiTM] attack.

Improper Certificate Validation

Format String Privilege Escalation in FortiAnalyzer/Manager 7.0-7.6.4
CVE-2025-68648 6.5 - Medium - March 10, 2026

A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.7, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager Cloud 7.6.0 through 7.6.4, FortiManager Cloud 7.4.0 through 7.4.7, FortiManager Cloud 7.2 all versions, FortiManager Cloud 7.0 all versions may allow an attacker to escalate its privileges via specially crafted requests.

Use of Externally-Controlled Format String

FortiAnalyzer & FortiManager Auth bypass via crafted requests, v7.2-7.6
CVE-2026-22572 6.8 - Medium - March 10, 2026

An authentication bypass using an alternate path or channel vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.2 through 7.2.11, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.2 through 7.2.11 may allow an attacker with knowledge of the admins password to bypass multifactor authentication checks via submitting multiple crafted requests.

Authentication Bypass Using an Alternate Path or Channel

FortiOS 6.07.6 Heap Overflow via Crafted Requests
CVE-2024-50571 6.5 - Medium - October 14, 2025

A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.2, FortiAnalyzer 7.4.0 through 7.4.5, FortiAnalyzer 7.2.0 through 7.2.9, FortiAnalyzer 7.0.0 through 7.0.13, FortiAnalyzer 6.4 all versions, FortiAnalyzer 6.2 all versions, FortiAnalyzer 6.0 all versions, FortiAnalyzer Cloud 7.4.1 through 7.4.5, FortiAnalyzer Cloud 7.2.1 through 7.2.9, FortiAnalyzer Cloud 7.0.1 through 7.0.13, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.0 through 7.4.5, FortiManager 7.2.0 through 7.2.9, FortiManager 7.0.0 through 7.0.13, FortiManager 6.4 all versions, FortiManager 6.2 all versions, FortiManager 6.0 all versions, FortiManager Cloud 7.6.2, FortiManager Cloud 7.4.1 through 7.4.5, FortiManager Cloud 7.2.1 through 7.2.9, FortiManager Cloud 7.0.1 through 7.0.13, FortiManager Cloud 6.4 all versions, FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiOS 6.2 all versions, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7, FortiProxy 7.2.0 through 7.2.12, FortiProxy 7.0.0 through 7.0.19, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions allows attacker to execute unauthorized code or commands via specifically crafted requests.

Heap-based Buffer Overflow

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Fortinet Fortianalyzercloud or by Fortinet? Click the Watch button to subscribe.

Fortinet
Vendor

Fortinet Fortianalyzercloud
Product

Fortinet Fortianalyzercloud

Don't miss out!

By the Year

Recent Fortinet Fortianalyzercloud Security Vulnerabilities

FortiAnalyzer/Manager 7.x/Cloud auth bypass via race condition (CVE-2026-22629) CVE-2026-22629 3.4 - Low - March 10, 2026

Fortinet FortiAnalyzer/Manager 7.x6.4 Priv Esc via Hidden CLI Cmd CVE-2025-48418 6.4 - Medium - March 10, 2026

FortiAnalyzer/Manager Cert Validation Flaw 7.x & 6.x MitM CVE-2025-68482 6.3 - Medium - March 10, 2026

Format String Privilege Escalation in FortiAnalyzer/Manager 7.0-7.6.4 CVE-2025-68648 6.5 - Medium - March 10, 2026

FortiAnalyzer & FortiManager Auth bypass via crafted requests, v7.2-7.6 CVE-2026-22572 6.8 - Medium - March 10, 2026

FortiOS 6.07.6 Heap Overflow via Crafted Requests CVE-2024-50571 6.5 - Medium - October 14, 2025