Tag: fortinet-cves

  • Fortinet (FortiOS / FortiGate / FortiManager focus)

    CVE-2026-24858 (Critical, auth bypass via FortiCloud SSO alternate path/channel; CWE-288): An attacker with any FortiCloud account could access other customers’ devices if SSO was enabled (not the default, but common post-registration). Exploited in the wild pre-disclosure (malicious accounts locked Jan 22, 2026). Advisory published January 27, 2026. Fortinet mitigated on the cloud side (disabled/re-enabled SSO without vulnerable device support…