Three critical Fortinet sandbox bugs splattered by unknown attackers

Three critical Fortinet FortiSandbox flaws are under active exploitation. The bugs allow authentication bypass, privilege escalation, and code execution. Fortinet patched CVE-2026-39813 and CVE-2026-39808 in April and CVE-2026-25089 last week. All three carry a 9.1 CVSS rating. Administrators must upgrade to fixed versions immediately.