{"api_version":"1","generated_at":"2026-04-23T07:56:52+00:00","cve":"CVE-2026-22828","urls":{"html":"https://cve.report/CVE-2026-22828","api":"https://cve.report/api/cve/CVE-2026-22828.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-22828","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-22828"},"summary":{"title":"CVE-2026-22828","description":"A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Successful exploitation would require a large amount of effort in preparation because of ASLR and network segmentation","state":"PUBLISHED","assigner":"fortinet","published_at":"2026-04-14 16:16:37","updated_at":"2026-04-17 15:11:56"},"problem_types":["CWE-122","CWE-122 Escalation of privilege"],"metrics":[{"version":"3.1","source":"psirt@fortinet.com","type":"Secondary","score":"8.1","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"7.3","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","data":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.3,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","version":"3.1"}}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-121","name":"https://fortiguard.fortinet.com/psirt/FG-IR-26-121","refsource":"psirt@fortinet.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-22828","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22828","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Fortinet","product":"FortiAnalyzer Cloud","version":"affected 7.6.2 7.6.4 semver","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiManager Cloud","version":"affected 7.6.2 7.6.4 semver","platforms":[]}],"timeline":[],"solutions":[{"source":"CNA","title":"","value":"Upgrade to upcoming  FortiManager Cloud version 8.0.0 or above\nUpgrade to FortiManager Cloud version 7.6.5 or above\nUpgrade to upcoming  FortiAnalyzer Cloud version 8.0.0 or above\nUpgrade to FortiAnalyzer Cloud version 7.6.5 or above","time":"","lang":"en"}],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"22828","cve":"CVE-2026-22828","epss":"0.001770000","percentile":"0.392070000","score_date":"2026-04-21","updated_at":"2026-04-22 00:07:41"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-22828","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-04-14T00:00:00+00:00","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-15T03:58:26.193Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"cpes":["cpe:2.3:a:fortinet:fortianalyzercloud:7.6.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.6.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.6.2:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"FortiAnalyzer Cloud","vendor":"Fortinet","versions":[{"lessThanOrEqual":"7.6.4","status":"affected","version":"7.6.2","versionType":"semver"}]},{"cpes":["cpe:2.3:a:fortinet:fortimanagercloud:7.6.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.6.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.6.2:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"FortiManager Cloud","vendor":"Fortinet","versions":[{"lessThanOrEqual":"7.6.4","status":"affected","version":"7.6.2","versionType":"semver"}]}],"descriptions":[{"lang":"en","value":"A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Successful exploitation would require a large amount of effort in preparation because of ASLR and network segmentation"}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.3,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-122","description":"Escalation of privilege","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-14T15:38:22.657Z","orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet"},"references":[{"name":"https://fortiguard.fortinet.com/psirt/FG-IR-26-121","url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-121"}],"solutions":[{"lang":"en","value":"Upgrade to upcoming  FortiManager Cloud version 8.0.0 or above\nUpgrade to FortiManager Cloud version 7.6.5 or above\nUpgrade to upcoming  FortiAnalyzer Cloud version 8.0.0 or above\nUpgrade to FortiAnalyzer Cloud version 7.6.5 or above"}]}},"cveMetadata":{"assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","assignerShortName":"fortinet","cveId":"CVE-2026-22828","datePublished":"2026-04-14T15:38:22.657Z","dateReserved":"2026-01-12T08:32:04.788Z","dateUpdated":"2026-04-15T03:58:26.193Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-14 16:16:37","lastModifiedDate":"2026-04-17 15:11:56","problem_types":["CWE-122","CWE-122 Escalation of privilege"],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"22828","Ordinal":"1","Title":"CVE-2026-22828","CVE":"CVE-2026-22828","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"22828","Ordinal":"1","NoteData":"A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Successful exploitation would require a large amount of effort in preparation because of ASLR and network segmentation","Type":"Description","Title":"CVE-2026-22828"}]}}}