CRITICAL 4 min read 18 Jul 2026

Actively exploited FortiSandbox command-injection flaws prompt CISA patch order

What changed Finding 01 adds CVE-2026-39808 and CVE-2026-25089 as Critical FortiSandbox command-injection vulnerabilities with verified active exploitation and a CISA patch order. Finding 02 identifies CVE-2026-54567 as an incomplete-fix variant of CVE-2026-27641 in Flask-Reuploaded, while Finding 03 records security updates for the Critical CVE-2026-53412 affecting Zoom Workplace and VDI Client for Windows.

Key findings
01
CVE-2026-39808: Actively exploited FortiSandbox command-injection flaws prompt CISA patch order
CRITICAL
CVE-2026-39808 and CVE-2026-25089 are Critical OS command-injection vulnerabilities with CVSS 3.1 scores of 9.1. Active exploitation is verified for both CVEs through CISA KEV, with EPSS percentiles of approximately 100 and 98 respectively.
02
CVE-2026-27641: Flask-Reuploaded extension-denylist bypass is an incomplete-fix variant
CRITICAL
CVE-2026-54567 is a High-severity extension-denylist bypass involving case-folding asymmetry in Flask-Reuploaded’s name-override path. The linked advisory describes it as an incomplete-fix variant of Critical CVE-2026-27641.
03
CVE-2026-53412: Zoom updates address a Windows account-takeover vulnerability
CRITICAL
CVE-2026-53412 is a Critical improper-input-validation vulnerability with a CVSS 3.1 score of 9.8. The captured source says an unauthenticated user may conduct account takeover through network access.
04
CVE-2026-44747: SAP updates address a Critical NetWeaver ABAP vulnerability
CRITICAL
CVE-2026-44747 is a Critical out-of-bounds-write vulnerability in SAP NetWeaver Application Server ABAP with a CVSS 3.1 score of 9.9. The captured source says an authenticated attacker can leverage logical errors in memory management to cause memory corruption that could lead to unauthorised data access.
05
CVE-2026-44221: ArcadeDB incomplete fix permits read-only schema mutation
CRITICAL
CVE-2026-54076 is a High-severity missing-authorisation vulnerability whose linked advisory says read-only ArcadeDB users can mutate database schema. It is described as an incomplete fix of Critical incorrect-authorisation vulnerability CVE-2026-44221.
06
CVE-2026-55579: Pheditor ships with an unchanged default administrator password
CRITICAL
CVE-2026-55579 is a Critical hard-coded-credentials vulnerability with a CVSS 3.1 score of 9.8. The linked advisory states that Pheditor uses the default password ‘admin’ without forcing a change, enabling full application compromise.
07
CVE-2026-25048: xgrammar 0.1.32 fixes nested-syntax crashes
HIGH
CVE-2026-25048 is a High-severity uncontrolled-recursion vulnerability in xgrammar with a CVSS 4.0 score of 8.7. Before version 0.1.32, multi-level nested syntax could cause a segmentation fault and terminate the process. Version 0.1.32 is identified as patched. Exploitation is not confirmed.
08
CVE-2026-24157: NVIDIA updates NeMo Framework for untrusted checkpoint deserialisation
HIGH
CVE-2026-24157 is a High-severity deserialisation-of-untrusted-data vulnerability in NVIDIA NeMo Framework with a retained CVSS 3.1 score of 7.8. The flaw exists in checkpoint parsing and can allow code execution in the current process after the target visits a malicious page or opens a malicious file.
09
CVE-2026-13084: WatchGuard IKEv2 processing flaw can cause denial of service
HIGH
CVE-2026-13084 is a High-severity null-pointer-dereference vulnerability affecting WatchGuard FireWare OS systems using VPN with IKEv2. An unauthenticated remote attacker can trigger denial of service through IKEv2 IKE_AUTH message handling. WatchGuard has issued an update.
10
CVE-2026-8247: WatchGuard FireWare OS flaw permits network-adjacent code execution
HIGH
CVE-2026-8247 is a High-severity buffer-copy vulnerability in WatchGuard FireWare OS. The flaw affects Terminal Service agent login notification handling and permits a network-adjacent, unauthenticated attacker to execute code as root. WatchGuard has issued an update.
11
CVE-2026-8108: Fuji Electric Tellus driver flaw permits local denial of service
HIGH
CVE-2026-8108 is a High-severity vulnerability in the pcid64 driver used by Fuji Electric Tellus. A local attacker who can already execute low-privileged code may supply a value that is dereferenced as a pointer, causing denial of service. Fuji Electric has issued an update.
12
CVE-2026-8921: ASUS Business Manager flaw permits local privilege escalation
HIGH
CVE-2026-8921 is a High-severity vulnerability in ASUS Business Manager Service. A local attacker who can execute low-privileged code may exploit client-side authentication to escalate privileges and execute code as SYSTEM. ASUS has issued an update.
13
CVE-2026-48344: Adobe Creative Cloud service permissions permit local privilege escalation
HIGH
CVE-2026-48344 is a High-severity time-of-check/time-of-use race condition affecting Adobe Creative Cloud Desktop Application. Incorrect permissions on a resource used by AGSService can allow an attacker who already has low-privileged local code execution to escalate privileges and execute code as SYSTEM.
14
CVE-2026-50197: Skipper incomplete fix permits OPA policy bypass
HIGH
CVE-2026-50197 is a High-severity vulnerability with a CVSS 4.0 score of 7.8. The linked advisory states that an oversized request body can bypass OPA deny-on-presence Rego policies and describes the issue as an incomplete fix. No fixed version is established, and exploitation is not confirmed.
15
CVE-2026-35188: OpenSSL malformed OCSP-response processing can trigger a double free
MEDIUM
CVE-2026-35188 is a Medium-severity double-free vulnerability in OpenSSL with a retained CVSS 3.1 score of 5.0. A target must request content from a malicious server, which can return a malformed OCSP response and potentially enable code execution in the current process.

What changed

Finding 01 adds CVE-2026-39808 and CVE-2026-25089 as Critical FortiSandbox command-injection vulnerabilities with verified active exploitation and a CISA patch order. Finding 02 identifies CVE-2026-54567 as an incomplete-fix variant of CVE-2026-27641 in Flask-Reuploaded, while Finding 03 records security updates for the Critical CVE-2026-53412 affecting Zoom Workplace and VDI Client for Windows.

Finding 04 reports SAP’s July updates for Critical CVE-2026-44747. Finding 05 identifies CVE-2026-54076 as an incomplete fix of CVE-2026-44221 that permits read-only ArcadeDB users to mutate the database schema. Finding 06 adds Critical CVE-2026-55579, concerning Pheditor’s hard-coded default ‘admin’ password without a forced change.

Finding 07 records xgrammar’s version 0.1.32 patch for CVE-2026-25048. Finding 08 adds NVIDIA’s update for CVE-2026-24157 in NeMo Framework. Findings 09 and 10 add separate WatchGuard FireWare OS issues: CVE-2026-13084 can cause denial of service on VPN systems using IKEv2, while CVE-2026-8247 permits network-adjacent, unauthenticated code execution.

Finding 11 adds CVE-2026-8108, a local denial-of-service risk in Fuji Electric Tellus. Finding 12 adds CVE-2026-8921, which permits a low-privileged local attacker to escalate privileges in ASUS Business Manager. Finding 13 adds the similarly local, low-privilege prerequisite for CVE-2026-48344 in Adobe Creative Cloud Desktop Application.

Finding 14 identifies an incomplete fix for CVE-2026-50197 in Skipper, where an oversized body can bypass OPA deny-on-presence Rego policies. Finding 15 adds CVE-2026-35188, a Medium-severity OpenSSL double-free issue involving malformed OCSP responses, for which an update is available.

Why it matters

Finding 01 warrants the fastest response because both retained CVEs have verified exploitation and appear in CISA KEV. The remaining findings do not have confirmed exploitation in the available evidence and should not inherit Finding 01’s exploitation status.

Findings 02, 05 and 14 each concern incomplete remediation, but the affected components and bypass conditions differ. They therefore require separate validation against the linked Flask-Reuploaded, ArcadeDB and Skipper advisories rather than one shared remediation assumption.

Findings 08, 12 and 13 can result in code execution or privilege escalation but depend on different prerequisites: user interaction for NVIDIA NeMo Framework, and prior low-privileged local execution for ASUS Business Manager and Adobe Creative Cloud Desktop Application. Finding 10 instead exposes affected WatchGuard systems to a network-adjacent, unauthenticated path.

  • Recommended actions
  • FortiSandbox owner: For Finding 01, identify every FortiSandbox deployment affected by CVE-2026-39808 or CVE-2026-25089, follow the CISA-directed remediation urgently, and investigate those systems for compromise because exploitation is verified for both CVEs.
  • Flask-Reuploaded owner: For Finding 02, determine exposure to CVE-2026-54567 and CVE-2026-27641, then verify the current linked advisory’s remediation rather than treating commit d64c6b2f71cb73734fc38baa0e3e156926361288 for CVE-2026-27641 as proof that the incomplete-fix variant is resolved.
  • Zoom owner: For Finding 03, update Zoom Workplace for Windows to 7.0.0 or later and update each Zoom Workplace VDI Client for Windows branch beyond the affected versions specified for CVE-2026-53412.
  • SAP owner: For Finding 04, identify SAP NetWeaver Application Server ABAP instances affected by CVE-2026-44747 and apply the relevant July 2026 SAP security update.
  • ArcadeDB owner: For Finding 05, assess CVE-2026-54076 and CVE-2026-44221 separately, then test that read-only accounts cannot mutate database schema after applying the linked advisory’s current remediation.
  • Pheditor owner: For Finding 06, inventory Pheditor installations affected by CVE-2026-55579, replace the default ‘admin’ password immediately, and ensure deployments require a credential change before use.
  • xgrammar owner: For Finding 07, upgrade CVE-2026-25048-affected deployments to xgrammar 0.1.32 or later and verify that untrusted multi-level nested syntax cannot terminate the consuming service.
  • NVIDIA NeMo owner: For Finding 08, apply NVIDIA’s update for CVE-2026-24157 and restrict the opening or processing of untrusted checkpoints, files and linked content until coverage is confirmed.
  • WatchGuard VPN owner: For Finding 09, identify FireWare OS systems using VPN with IKEv2 and apply WatchGuard’s update for CVE-2026-13084, prioritising externally reachable services that process IKEv2 IKE_AUTH messages.
  • WatchGuard appliance owner: For Finding 10, apply WatchGuard’s update for CVE-2026-8247 and restrict network-adjacent access to affected FireWare OS systems until remediation is verified.
  • Fuji Electric Tellus owner: For Finding 11, apply the update referenced by the linked advisory for CVE-2026-8108 and limit low-privileged local code execution on affected systems.
  • ASUS endpoint owner: For Finding 12, apply ASUS’s update for CVE-2026-8921 and review which users or processes can execute low-privileged code on systems running Business Manager.
  • Adobe endpoint owner: For Finding 13, apply Adobe’s update for CVE-2026-48344 and investigate whether low-privileged users can influence resources used by AGSService.
  • Skipper owner: For Finding 14, assess CVE-2026-50197 against the latest linked advisory and test OPA deny-on-presence Rego policies with oversized request bodies before accepting the remediation.
  • OpenSSL owner: For Finding 15, apply an OpenSSL release containing the fix for CVE-2026-35188 and reduce requests to untrusted servers until the update is verified.

Evidence limits

No affected-version or fixed-version detail is available here for Finding 01, and the source excerpt does not establish which FortiSandbox releases remediate CVE-2026-39808 or CVE-2026-25089.

For Findings 02, 05, 06 and 14, the captured GitHub excerpts establish the advisory subjects but do not provide complete affected-version and fixed-version information. The recorded fixes for CVE-2026-27641 and CVE-2026-44221 do not establish fixes for CVE-2026-54567 and CVE-2026-54076 respectively, while no fixed revision is stated for CVE-2026-55579 or CVE-2026-50197.

Findings 08 through 13 and Finding 15 contain score differences between the retained assessment and the linked ZDI pages. The report preserves High for CVE-2026-24157, CVE-2026-8247, CVE-2026-13084, CVE-2026-8108, CVE-2026-8921 and CVE-2026-48344, and Medium for CVE-2026-35188, without attempting to reconcile the differing numerical scores.

Finding 03 supplies affected-version boundaries but not a fixed revision for CVE-2026-53412. Finding 04 states that SAP released updates but does not provide the exact remediated release for CVE-2026-44747. Finding 07 identifies xgrammar 0.1.32 as patched for CVE-2026-25048.

cve-2026-13084cve-2026-24157cve-2026-25048cve-2026-27641cve-2026-35188cve-2026-39808cve-2026-44221cve-2026-44747cve-2026-48344cve-2026-50197

Act on this brief

Map detection coverage gaps for the techniques above, or generate Sigma rules from the named CVEs.