
Missing authorization on CSV user import

CVSSv3 Score: 6.8 A missing authorization vulnerability in FortiAuthenticator may allow a read-only admin to make modifications to local users via a file upload to an unprotected endpoint. Revised on 2026-02-10 00:00:00

LDAP authentication bypass in Agentless VPN and FSSO

CVSSv3 Score: 7.5 An Authentication Bypass by Primary Weakness vulnerability in FortiOS fnbamd may allow an unauthenticated attacker to bypass LDAP authentication of Agentless VPN or FSSO policy, under specific LDAP server configuration. Revised on 2026-02-10 00:00:00

Format String Vulnerability in CAPWAP fast-failover mode

CVSSv3 Score: 6.7 A Use of Externally-Controlled Format String vulnerability in FortiGate may allow an authenticated admin to execute unauthorized code or commands via specifically crafted configuration. Revised on 2026-02-10 00:00:00

Firewall policy bypass in FSSO Terminal Services Agent

CVSSv3 Score: 3.8 An Improper Verification of Source of a Communication Channel vulnerability in FortiOS FSSO Terminal Services Agent may allow an authenticated user with knowledge of FSSO policy configurations to gain unauthorized access to protected network resources via crafted requests. Revised on 2026-02-10 00:00:00

Arbitrary XML file write in FCConfig

CVSSv3 Score: 6.4 An Improper Link Resolution Before File Access vulnerability in FortiClient Windows may allow a local low-privilege attacker to perform an arbitrary file write with elevated permissions via crafted named pipe messages. Revised on 2026-02-10 00:00:00

CVE-2026-21519 Desktop Window Manager Elevation of Privilege Vulnerability

Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

5 Key Takeaways from The New Era of Phishing: Threats Built in the Age of AI

Artificial intelligence has transformed how organizations operate—and threat actors are moving just as quickly. In Cofense’s recent webinar, The New Era of Phishing: Threats Built in the Age of AI, Cofense Chief Security Officer Josh Bartolomie joined threat experts Chance Caldwell and Max Gannon to break down the most important phishing trends emerging from real-world attack data. Phishing isn’t slowing...

Toy Battles – 1,017 breached accounts

In February 2026, the online gaming community Toy Battles suffered a data breach. The incident exposed 1k unique email addresses alongside usernames, IP addresses and chat logs. Following the breach, Toy Battles self-submitted the data to Have I Been Pwned.

Latest article

Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface...

Torrance, United States / California, June 11th, 2026, CyberNewswire Criminal IP by AI SPERA, a cyber threat intelligence platform delivering decision-ready intelligence and attack...

Readers reply: Experts say we should use passkeys, but can a smartphone pin really...

The long-running series in which readers answer other readers’ questions on subjects ranging from trivial flights of fancy to profound scientific and philosophical concepts. This...

Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules

New Tracing Options: As hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on...