Vulnerability Details CVE-2026-59835
A exposure of resource to wrong sphere vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.3 through 4.4.8 may allow an unauthenticated attacker to access the VNC server of VMs performing scanning via network requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 35.7%
CVSS Severity
CVSS v3 Score 8.6
Products affected by CVE-2026-59835
-
cpe:2.3:a:fortinet:fortisandbox:4.4.3
-
cpe:2.3:a:fortinet:fortisandbox:4.4.4
-
cpe:2.3:a:fortinet:fortisandbox:4.4.5
-
cpe:2.3:a:fortinet:fortisandbox:4.4.6
-
cpe:2.3:a:fortinet:fortisandbox:4.4.7
-
cpe:2.3:a:fortinet:fortisandbox:4.4.8
-
cpe:2.3:a:fortinet:fortisandbox:5.0.0
-
cpe:2.3:a:fortinet:fortisandbox:5.0.1
-
cpe:2.3:a:fortinet:fortisandbox:5.0.2