A critical vulnerability identified as CVE-2025-25257 in Fortinet’s FortiWeb can lead to remote code execution, posing significant security risks. Users are urged to apply patches immediately to mitigate potential exploitation of this flaw.

SonicWall has issued a warning regarding a critical vulnerability (CVE-2025-40599) in its SMA 100 series VPN appliances, allowing authenticated users to upload arbitrary files, potentially leading to remote code execution. Despite no evidence of active exploitation, the company advises users to patch their devices and monitor for signs of compromise due to ongoing attacks targeting the appliances. Recommendations include enhancing security measures such as enforcing multi-factor authentication and limiting remote management access.