CVE-2026-25815

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions through 7.6.6

Description Fortinet FortiOS through version 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files. This issue was exploited in the wild between December 16, 2025, and 2026. The default encryption key is the same across all customer installations, facilitating decryption.

Recommendations Versions prior to 7.6.7 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.