cbcvebase.
CVE-2026-22153
published 2026-02-10

CVE-2026-22153: An Authentication Bypass by Primary Weakness vulnerability [CWE-305] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4 may allow an unauthenticated…

PriorityP261high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
0.70%
48.4th percentile
An Authentication Bypass by Primary Weakness vulnerability [CWE-305] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4 may allow an unauthenticated attacker to bypass LDAP authentication of Agentless VPN or FSSO policy, when the remote LDAP server is configured in a specific way.

Affected

4 ranges
VendorProductVersion rangeFixed in
fortinetfortinet
fortinetfortios
fortinetfortios>= 7.6.0 < 7.6.57.6.5
fortinetfortios7.6.0 – 7.6.4

Detection & IOCsextracted from sources · hover to see the quote

  • Monitor for unauthenticated access attempts to Agentless VPN or FSSO policy endpoints on FortiOS 7.6.0–7.6.4, which may indicate LDAP authentication bypass exploitation
  • Alert on successful VPN or FSSO authentications that do not correspond to a valid LDAP bind/response sequence from the configured remote LDAP server, as the bypass occurs due to a primary weakness in the authentication flow (CWE-305)
  • ·The bypass is only triggerable when the remote LDAP server is configured in a specific (undisclosed) way; review and harden LDAP server configurations used with Agentless VPN and FSSO policies on affected FortiOS versions
  • ·Affected versions are FortiOS 7.6.0 through 7.6.4 only; upgrade to a fixed version (fix available as of Feb 11, 2026) to remediate
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.