A total of 40 new router-related CVEs were published during the week of May 11, 2026.
Severity breakdown: 3 Critical, 6 High, 11 Medium, 1 Low.
Critical Vulnerabilities
- CVE-2026-20182 (CVSS: 10.0) — May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new...
- CVE-2026-44277 (CVSS: 9.8) — A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow atta...
- CVE-2026-26083 (CVSS: 9.8) — A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, Fo...
Affected Vendors
- Palo Alto Networks: 19 CVEs
- Fortinet: 11 CVEs
- Cisco: 4 CVEs
- Zyxel: 4 CVEs
- Katalyst: 1 CVE
- TP-Link: 1 CVE