Cyber News

Improper access control in API endpoints

09/06/2026

CVSSv3 Score: 6.2

An improper access control vulnerability [CWE-284] in FortiPortal API endpoints may allow a remote privileged attacker with organization user role to obtain sensitive network configuration data via crafted HTTP requests.

Revised on 2026-06-09 00:00:00

– Read more

Monday	08:00 - 17:00
Tuesday	08:00 - 17:00
Wednesday	08:00 - 17:00
Thursday	08:00 - 17:00
Friday	08:00 - 17:00

Improper access control in API endpoints

Latest article

Check Point VPN Authentication Bypass Vulnerability

CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice

Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency

Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans

EDITOR PICKS

Check Point VPN Authentication Bypass Vulnerability

CISA tells agencies to patch smarter, not harder — foreshadowing broader...

Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency

POPULAR POSTS

Threats to users of adult websites in 2018

The World’s Most Popular Coding Language Happens to be Most Hackers’...

IT threat evolution Q2 2019

POPULAR CATEGORY

Check Point VPN Authentication Bypass Vulnerability

CISA tells agencies to patch smarter, not harder — foreshadowing broader...

Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency