Medium severity5.5NVD Advisory· Published May 12, 2026· Updated May 16, 2026
CVE-2026-44279
CVE-2026-44279
Description
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via <insert attack vector here>
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- fortiguard.fortinet.com/psirt/FG-IR-26-130nvdVendor Advisory
News mentions
27- Webinar | The Compliance Problem Hiding in Cross-Border Data FlowsGovInfoSecurity · May 18, 2026
- Grafana GitHub Token Breach Led to Codebase Download and Extortion AttemptThe Hacker News · May 17, 2026
- PoC Code Published for Critical NGINX VulnerabilitySecurityWeek · May 16, 2026
- F5 Patches Over 50 VulnerabilitiesSecurityWeek · May 14, 2026
- Thus Spoke…The GentlemenCheck Point Research · May 13, 2026
- Fortinet, Ivanti Patch Critical VulnerabilitiesSecurityWeek · May 13, 2026
- Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticatorBleepingComputer · May 12, 2026
- Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-daysBleepingComputer · May 12, 2026
- OpenAI Launches 'Daybreak' to Help Build Secure By Design SoftwareInfosecurity Magazine · May 12, 2026
- OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch ValidationThe Hacker News · May 12, 2026
- Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksSecurityWeek · May 8, 2026
- ServiceNow strengthens enterprise AI security with Autonomous Security & Risk platformHelp Net Security · May 6, 2026
- ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & MoreThe Hacker News · May 4, 2026
- Post-quantum encryption for Cloudflare IPsec is generally availableCloudflare Blog · Apr 30, 2026
- Cybersec is a thankless job: expanding workload and shrinking pay packetThe Register Security · Apr 27, 2026
- Cybersec is a thankless job: expanding workload and shrinking pay packetThe Register Security · Apr 27, 2026
- ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New StoriesThe Hacker News · Apr 23, 2026
- Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based BotnetInfosecurity Magazine · Apr 20, 2026
- Metasploit Wrap-Up 04/17/2026Rapid7 Blog · Apr 17, 2026
- Researchers Spot Surge in Brute-Force Attacks from Middle EastInfosecurity Magazine · Apr 15, 2026
- ZDI-26-265: Fortinet FortiWeb cgi_buf_alloc Integer Overflow Denial-of-Service VulnerabilityZero Day Initiative · Apr 15, 2026
- ZDI-26-266: Fortinet FortiWeb cat_cgi_paths Out-Of-Bounds Write Remote Code Execution VulnerabilityZero Day Initiative · Apr 15, 2026
- 13th April – Threat Intelligence ReportCheck Point Research · Apr 13, 2026
- Risky Business #832 -- Anthropic unveils magical 0day computer GodRisky Business · Apr 8, 2026
- Fortinet Releases Emergency Patch After FortiClient EMS Bug Is ExploitedInfosecurity Magazine · Apr 7, 2026
- GitHub Used as Covert Channel in Multi-Stage Malware CampaignInfosecurity Magazine · Apr 2, 2026
- ZDI-26-186: Fortinet FortiClient Link Following Local Privilege Escalation VulnerabilityZero Day Initiative · Mar 10, 2026