CVE-2026-22155

Description

A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow attacker to information disclosure via <insert attack vector here>

CVSS breakdown

Affected products

• fortinet / fortisoaron-premise7.6.2 – 7.6.2
• fortinet / fortisoaron-premise7.6.1 – 7.6.1
• fortinet / fortisoaron-premise7.6.0 – 7.6.0
• fortinet / fortisoaron-premise7.5.1 – 7.5.1
• fortinet / fortisoaron-premise7.5.0 – 7.5.0
• fortinet / fortisoaron-premise7.4.5 – 7.4.5
• fortinet / fortisoaron-premise7.4.4 – 7.4.4
• fortinet / fortisoaron-premise7.4.3 – 7.4.3
• fortinet / fortisoaron-premise7.4.2 – 7.4.2
• fortinet / fortisoaron-premise7.4.1 – 7.4.1
• fortinet / fortisoaron-premise7.4.0 – 7.4.0
• fortinet / fortisoaron-premise7.3.3 – 7.3.3
• fortinet / fortisoaron-premise7.3.2 – 7.3.2
• fortinet / fortisoaron-premise7.3.1 – 7.3.1
• fortinet / fortisoaron-premise7.3.0 – 7.3.0
• fortinet / fortisoarpaas7.6.3 – 7.6.3
• fortinet / fortisoarpaas7.6.2 – 7.6.2
• fortinet / fortisoarpaas7.6.1 – 7.6.1
• fortinet / fortisoarpaas7.6.0 – 7.6.0
• fortinet / fortisoarpaas7.5.2 – 7.5.2
• fortinet / fortisoarpaas7.5.1 – 7.5.1
• fortinet / fortisoarpaas7.5.0 – 7.5.0
• fortinet / fortisoarpaas7.4.5 – 7.4.5
• fortinet / fortisoarpaas7.4.4 – 7.4.4
• fortinet / fortisoarpaas7.4.3 – 7.4.3
• fortinet / fortisoarpaas7.4.2 – 7.4.2
• fortinet / fortisoarpaas7.4.1 – 7.4.1
• fortinet / fortisoarpaas7.4.0 – 7.4.0
• fortinet / fortisoarpaas7.3.3 – 7.3.3
• fortinet / fortisoarpaas7.3.2 – 7.3.2
• fortinet / fortisoarpaas7.3.1 – 7.3.1
• fortinet / fortisoarpaas7.3.0 – 7.3.0

References

• VENDOR_ADVISORYhttps://fortiguard.fortinet.com/psirt/FG-IR-26-106