Fortinet has issued patches for 27 vulnerabilities across its product line, including two critical flaws in FortiSandbox with CVSS scores of 9.1 that could allow unauthenticated attackers to bypass authentication and execute arbitrary commands via specially crafted HTTP requests. The company also addressed a high-severity buffer overflow in FortiAnalyzer Cloud and SQL injection bugs in FortiDDoS-F and FortiClientEMS, though there's currently no evidence these vulnerabilities are being exploited in the wild.