Fortinet, Ivanti, and ServiceNow patched 15 vulnerabilities across their products, including a critical flaw in ServiceNow's AI platform. These updates are crucial for securing systems against potential exploitation, though no active attacks have been reported.
On Tuesday, Fortinet, Ivanti, and ServiceNow rolled out patches addressing 15 vulnerabilities across their platforms. These updates are aimed at enhancing the security of their respective systems and protecting users from potential exploitation.
ServiceNow resolved a critical remote code execution (RCE) vulnerability in its AI platform, tracked as CVE-2026-6875, which has a CVSS score of 9.5. The company indicated that this flaw could be exploited without authentication, making it particularly concerning.
Ivanti released patches for two vulnerabilities in its Xtraction data tool, CVE-2026-14902 and CVE-2026-14903. The first is a medium-severity open redirect vulnerability, while the second is a high-severity path traversal flaw that could allow unauthorized access to external URLs and sensitive files.
Fortinet issued 11 security advisories detailing 12 vulnerabilities across various products including FortiOS and FortiSandbox. Notably, high-severity issues were identified that could allow unauthenticated attackers to access sensitive information and VNC servers.
Both ServiceNow and Ivanti have stated that there are currently no known exploitations of the patched vulnerabilities in the wild. Fortinet also mentioned no known attacks related to the disclosed security defects.
✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors — check the original sources. How BrevFeed works →
Fortinet, Ivanti, and ServiceNow patched 15 vulnerabilities across their products, including a critical flaw in ServiceNow's AI platform. These updates are crucial for securing systems against potential exploitation, though no active attacks have been reported.