A vulnerability was found in Fortinet FortiPortal up to 7.0.14/7.2.8/7.4.7 and classified as critical . The affected element is an unknown function. Executing a manipulation can lead to improper access controls. This vulnerability is tracked as CVE-2026-49938 . The attack can be launched remotely. No exploit exists.