Vulnerabilities4 min read
Fortra PAM Flaw Lets Attackers Run Commands Without Auth
CVE-2026-9862 (CVSS 9.8) in Fortra Core Privileged Access Manager (BoKS) enables unauthenticated command injection via the autoregistration service. Restrict port 6507 access immediately.
Marcus ChenJun 26, 2026