{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T09:23:27.629","vulnerabilities":[{"cve":{"id":"CVE-2026-25815","sourceIdentifier":"cve@mitre.org","published":"2026-02-05T22:15:54.100","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 (by default, the encryption key is the same across all customers' installations). NOTE: the Supplier's position is that the instance of CWE-1394 is not a vulnerability because customers \"are supposed to enable\" a non-default option that eliminates the weakness. However, that non-default option can disrupt functionality as shown in the \"Managing FortiGates with private data encryption\" document, and is therefore intentionally not a default option."},{"lang":"es","value":"Fortinet FortiOS hasta 7.6.6 permite a los atacantes descifrar credenciales LDAP almacenadas en archivos de configuración del dispositivo, según se explotó en la naturaleza desde el 16-12-2025 hasta 2026 (por defecto, la clave de cifrado es la misma en todas las instalaciones de los clientes). NOTA: la posición del Proveedor es que la instancia de CWE-1394 no es una vulnerabilidad porque se 'supone que los clientes deben habilitar' una opción no predeterminada que elimina la debilidad. Sin embargo, esa opción no predeterminada puede interrumpir la funcionalidad como se muestra en el documento 'Managing FortiGates with private data encryption', y, por lo tanto, no es intencionalmente una opción predeterminada."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":3.2,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.4,"impactScore":1.4}]},"weaknesses":[{"source":"cve@mitre.org","type":"Primary","description":[{"lang":"en","value":"CWE-1394"}]}],"references":[{"url":"https://docs.fortinet.com/document/fortimanager/7.6.6/administration-guide/30332/managing-fortigates-with-private-data-encryption","source":"cve@mitre.org"},{"url":"https://www.cert.at/en/blog/2026/1/threat-actors-use-forticloud-to-collect-ldap-connection-passwords","source":"cve@mitre.org"}]}}]}