QSearchQSearch

CVE-2025-58903

2.7 LOW

An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3 and before 7.4.8 API allows an authenti...

Published: 2025-10-14 · Last updated: 2026-06-09

Severity and scoring

CVSS
2.7 LOW
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CWE
CWE-252

Affected products

VendorProduct
fortinetfortios

Description

An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3 and before 7.4.8 API allows an authenticated user to cause a Null Pointer Dereference, crashing the http daemon via a specialy crafted request.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-44277 A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through ... (9.8 CRITICAL)
  • CVE-2026-25690 An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 throu... (4.3 MEDIUM)
  • CVE-2026-25088 An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiNDR 7.6.0 through ... (5.4 MEDIUM)
  • CVE-2025-53844 A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 al... (8.8 HIGH)
  • CVE-2025-68648 A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4... (7.2 HIGH)

Same CWE

  • CVE-2026-46521 ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
  • CVE-2026-40092 nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation (7.5 HIGH)
  • CVE-2026-23301 In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently ... (5.5 MEDIUM)