Security News

Cybersecurity news aggregator

LOW Vulnerabilities Fortinet PSIRT

Credential disclosure in LDAP configuration web page.

  • What: Credential disclosure in LDAP configuration web page
  • Impact: Authenticated administrators could read LDAP server credentials in FortiSandbox

Summary

An insufficiently protected credentials vulnerability [CWE-522] in FortiSandbox and FortiSandbox PaaS GUI may allow an authenticated administrator to read LDAP server credentials via client-side inspection.

Version | Affected | Solution
FortiSandbox 5.0 | 5.0.0 through 5.0.5 | Upgrade to 5.0.6 or above
FortiSandbox 4.4 | 4.4 all versions | Migrate to a fixed release
FortiSandbox PaaS 5.0 | 5.0.1 through 5.0.5 | Upgrade to 5.0.6 or above

Acknowledgement

Fortinet is pleased to thank Juampa Rodriguez from Red Electrica for reporting this vulnerability under responsible disclosure.

Timeline

  • 2026-04-14: Initial publication

Advisory details

  • IR Number: FG-IR-26-113
  • Published Date: Apr 14, 2026
  • Component: GUI
  • Severity: Low
  • Discovered: External
  • Attack Type: Authenticated
  • Known Exploited: No
  • CVSSv3 Score: 2.5
  • Impact: Information disclosure
  • CVE ID: CVE-2026-27316
