Critical severity 9.8 · NVD Advisory · Published Dec 9, 2025 · Updated Jun 9, 2026
CVE-2025-59719
Description
An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, and FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.
News mentions
- No Zero-Day Tied to 80,000 Harvested Fortinet Credentials · GovInfoSecurity · Jun 22, 2026
- ⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More · The Hacker News · Jun 22, 2026
- Fortinet Responds to FortiBleed Campaign · SecurityWeek · Jun 22, 2026