VYPR
High severity7.2NVD Advisory· Published Apr 14, 2026· Updated Apr 20, 2026

CVE-2026-40688

CVE-2026-40688

Description

An out-of-bounds write vulnerability [CWE-787] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attacker to execute arbitrary code or command via crafted HTTP requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Fortinet/Fortiweb2 versions
    cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*range: >=7.4.0,<7.4.12
    • (no CPE)range: 7.4.0 through 7.4.11, 7.6.0 through 7.6.6, 8.0.0 through 8.0.3

Patches

Vulnerability mechanics

References

1

News mentions

1