Vendor security team contributor

Fortinet

cited as evidence in 84 · CNA assigner on 26 of 97 known-exploited records. Every aggregate on this page is recomputed from the records listed below — each one already cited to its public source.

fortiguard.com ↗ · home of the cited advisories

records cited in

deterministic count

finder / reporter credits

CVE.org credits

CVE records catalogued (CNA)

assigner

75%

avg modeled exploit prob.

FIRST EPSS, 97/97

28%

ransomware-associated

27 of 97 · CISA flag

Known for

— recomputed from this contributor’s own records

SurfacesEdge / remote-access infra (52), Application / other (32), Server / web platform (6), Operating system / kernel (3), Hypervisor / virtualization (3)

WeaknessInjection (37), Authentication (15), Memory safety (13), Authorization / access control (12), Path traversal / file (7)

PortfolioFortinet (26), D-Link (11), Microsoft (7), Apache (5), Adobe (4), NETGEAR (2)

Narrative reach

— how far this contributor’s records carry an attacker, front door → lights out

1Front door

97reach this stage

→

2Keys to the kingdom

97reach this stage

→

3Lateral reach

93reach this stage

→

4Data at risk

18reach this stage

→

5Lights out

2reach this stage

Furthest any of these records carries an attacker: 5 · Lights out. 18 of 97 narrative-framed records reach data-at-risk or lights-out. (furthest-position idiom, reused from the landing map; the stage mapping is a model output over cited evidence.)

Recent highlights

— this contributor’s newest known-exploited records

CVE-2026-34197Apache87%KEV CVE-2026-21643Fortinet94%KEV CVE-2026-35616Fortinet89%KEV CVE-2019-19006Sangoma36%KEV CVE-2025-64328Sangoma84%KEV CVE-2026-24858Fortinet55%KEV

Every record they’re cited in

— all 97, each linked to its cited source

This is the evidence behind every number above. Sorted ransomware-first, then by modeled exploit probability.

CVE-2018-13379Fortinet100%RWKEV CVE-2023-29300Adobe100%RWKEV CVE-2022-40684Fortinet100%RWKEV CVE-2021-45046Apache100%RWKEV CVE-2017-11882Microsoft100%RWKEV CVE-2021-22986F5100%RWKEV CVE-2021-34527Microsoft100%RWKEV CVE-2017-12615Apache100%RWKEV CVE-2022-42475Fortinet99%RWKEV CVE-2023-48788Fortinet99%RWKEV CVE-2024-55591Fortinet98%RWKEV CVE-2021-40444Microsoft97%RWKEV CVE-2023-38203Adobe97%RWKEV CVE-2018-1273VMware Tanzu96%RWKEV CVE-2024-40711Veeam88%RWKEV CVE-2017-18362Kaseya87%RWKEV CVE-2021-1675Microsoft86%RWKEV CVE-2023-27997Fortinet86%RWKEV CVE-2018-13382Fortinet82%RWKEV CVE-2024-21762Fortinet81%RWKEV CVE-2020-12812Fortinet49%RWKEV CVE-2018-13374Fortinet38%RWKEV CVE-2018-13383Fortinet34%RWKEV CVE-2024-37085VMware27%RWKEV CVE-2024-40766SonicWall16%RWKEV CVE-2019-6693Fortinet5%RWKEV CVE-2025-24472Fortinet3%RWKEV CVE-2023-1389TP-Link100%KEV CVE-2021-1498Cisco100%KEV CVE-2012-1823PHP100%KEV CVE-2024-45519Synacor100%KEV CVE-2020-25506D-Link100%KEV CVE-2022-30525Zyxel100%KEV CVE-2015-1427Elastic100%KEV CVE-2021-36260Hikvision100%KEV CVE-2022-46169Cacti100%KEV CVE-2023-38205Adobe100%KEV CVE-2022-22965VMware100%KEV CVE-2024-9465Palo Alto Networks100%KEV CVE-2021-33045Dahua100%KEV CVE-2024-38856Apache99%KEV CVE-2023-28771Zyxel99%KEV CVE-2024-12987DrayTek98%KEV CVE-2023-25280D-Link98%KEV CVE-2024-3272D-Link98%KEV CVE-2021-45382D-Link98%KEV CVE-2021-36380Sunhillo98%KEV CVE-2021-22502Micro Focus97%KEV CVE-2025-25257Fortinet97%KEV CVE-2024-47575Fortinet97%KEV CVE-2023-25717Ruckus Wireless95%KEV CVE-2026-21643Fortinet94%KEV CVE-2016-3427Oracle92%KEV CVE-2024-5910Palo Alto Networks92%KEV CVE-2024-11680ProjectSend92%KEV CVE-2025-64446Fortinet90%KEV CVE-2024-8190Ivanti89%KEV CVE-2012-0151Microsoft89%KEV CVE-2026-35616Fortinet89%KEV CVE-2026-34197Apache87%KEV CVE-2021-40655D-Link87%KEV CVE-2021-31755Tenda86%KEV CVE-2018-19410Paessler86%KEV CVE-2023-38950ZKTeco85%KEV CVE-2025-64328Sangoma84%KEV CVE-2015-1187D-Link and TRENDnet83%KEV CVE-2021-27561Yealink83%KEV CVE-2013-1331Microsoft82%KEV CVE-2017-11826Microsoft82%KEV CVE-2018-15133Laravel77%KEV CVE-2012-0391Apache75%KEV CVE-2017-6334NETGEAR72%KEV CVE-2016-11021D-Link69%KEV CVE-2017-6077NETGEAR68%KEV CVE-2021-30632Google65%KEV CVE-2025-59718Fortinet63%KEV CVE-2024-9380Ivanti63%KEV CVE-2024-23113Fortinet62%KEV CVE-2021-22991F561%KEV CVE-2022-37055D-Link57%KEV CVE-2024-8956PTZOptics57%KEV CVE-2026-24858Fortinet55%KEV CVE-2025-58034Fortinet54%KEV CVE-2020-29557D-Link54%KEV CVE-2025-30066tj-actions45%KEV CVE-2014-100005D-Link42%KEV CVE-2019-19006Sangoma36%KEV CVE-2013-5223D-Link34%KEV CVE-2025-32756Fortinet31%KEV CVE-2019-19356Netis28%KEV CVE-2020-9377D-Link21%KEV CVE-2019-5591Fortinet19%KEV CVE-2023-26359Adobe18%KEV CVE-2022-41328Fortinet12%KEV CVE-2021-27562Arm3%KEV CVE-2025-30154reviewdog2%KEV CVE-2021-44168Fortinet1%KEV

Coverage & confidence

— what this profile claims, and what it does not

Established (cited)

Cited in 97 known-exploited records — the list below; every one links to its public source.

Catalogued 26 CVE record(s) as the CNA assigner (from CVE.org).

Coverage gaps — stated, not hidden

This profile is an aggregation: it asserts only what the listed records already cite — no new external claim about the contributor is made.

The TYPE badge and the narrative-stage mapping are editorial (our call), labeled as such, not a sourced fact.