CVE-2026-39808
â criticalSummary
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized code or commands via <insert attack vector here>
CVSS Score
9.8
Critical
EPSS Score
0.3
Exploit Probability
Published Date
2026-04-14
First Seen: 2026-04-15
đ Relative Risk Intelligence
This CVE is Very High Risk - more severe than 90.4% of all 321,566 vulnerabilities in our database.
#30,777
Top 10% most severe
Severity Percentile
đ¯ CISA SSVC Assessment Updated: Apr 14, 2026
đ Exploitation Status
None
No known exploits
âī¸ Automatable
YES
Can be exploited automatically
đĨ Technical Impact
Total
Complete system compromise possible
SSVC data provided by
CISA
Last Modified
2026-04-20
Source
NVD đ
CVSS Vector 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)