Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.1.b
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiEndpoint Release Notes

    26.1.b

    26.1.b

    The following issues have been fixed in FortiEndpoint 26.1.b:

    EDR

    Bug ID Description
    1174797, 1177824

    Threat Hunting query that contains "NOT" does not filter correctly.
    1230971, 1231450

    Parsing failure of Taxii feed.
    1257703, 1249534, 1258256

    Adding a process to Exclusion Policy via Incident View results in blank screen.
    1229966, 1230923

    Exception creation fails due to an empty value.
    1234632, 1234818

    Failure in retrieving reports from a disconnected Collector.
    1224830, 1224852

    Users with a Read-Only role cannot export data from the Inventory page.
    1217600, 1224858

    Hardening related to key injection as a variable.
    1229820, 1233765

    Issue with dashboard queries of "Top Affected Devices".
    1234348, 1239292

    Incident Report fails to display the full event process path.
    1231073, 1235251

    Incident report generation gets stuck at 5%.
    1231674, 1232143

    Classification response actions are displayed in the wrong chronological order in Incident View.
    1234440, 1240548, 1237245

    Syslog becomes unresponsive due to a status update failure, causing log transmission to stop unexpectedly.
    1230144, 1235745

    Exception is created on the wrong security event.
    1233707, 1234310

    Adding an incident comment is logged with a default user information.
    1232273, 1233766

    Sorting by total number does not correctly order the values in Incident View.
    1217982, 1222702

    Wrong file or process name is displayed while the correct file has been remediated.
    1227989, 1250027, 1228723

    Applying the “Malicious” classification filter prevents associated raw events from being displayed.
    1252095, 1252561

    Applying a filter prevents exporting the Collectors report in the Inventory.
    1252094, 1226670, 1252560

    Incidents sometimes appear as unclickable duplicates when you scroll or hover in the UI.
    1251352

    Certain events are partially saved during consolidation.
    1254115, 1252688, 1250220

    Editing an exception incorrectly displays an event as "deleted".
    1244654, 1246159, 1244724, 1244129, 1246479

    Potential error in consolidation flow.
    1243125, 1251355

    Multiple entities are marked as erased but are not actually cleaned from the database.
    1230520, 1240181

    When creating an exception via handling an event, selecting an IP from the destination list incorrectly selects all IPs.
    1240953, 1245595, 1242029

    Deleting an event while using a filter results in deletion of multiple events within the same aggregation.
    1227194, 1243039, 1227652

    Changing an exception’s destination from "Specific" to "All Destinations" incorrectly triggers a “cannot select both” error.

    1234354, 1235517, 1245708, 1237735

    Performance issue with event processing.
    1250351, 1251431

    Security Policy Search fails due to an internal error.
    1248720, 1249641

    Error when creating an exception on a specific event.
    1243641, 1244635

    Issue with exporting unmanaged devices list.
    1252134, 1254404

    Click "Add Connector" and the dropdown shows most connector options grayed out.

    1111981, 1218423

    When syslog field values are too long, the first max characters will be displayed.
    Previous
    Next

    26.1.b

    26.1.b

    The following issues have been fixed in FortiEndpoint 26.1.b:

    EDR

    Bug ID Description
    1174797, 1177824

    Threat Hunting query that contains "NOT" does not filter correctly.
    1230971, 1231450

    Parsing failure of Taxii feed.
    1257703, 1249534, 1258256

    Adding a process to Exclusion Policy via Incident View results in blank screen.
    1229966, 1230923

    Exception creation fails due to an empty value.
    1234632, 1234818

    Failure in retrieving reports from a disconnected Collector.
    1224830, 1224852

    Users with a Read-Only role cannot export data from the Inventory page.
    1217600, 1224858

    Hardening related to key injection as a variable.
    1229820, 1233765

    Issue with dashboard queries of "Top Affected Devices".
    1234348, 1239292

    Incident Report fails to display the full event process path.
    1231073, 1235251

    Incident report generation gets stuck at 5%.
    1231674, 1232143

    Classification response actions are displayed in the wrong chronological order in Incident View.
    1234440, 1240548, 1237245

    Syslog becomes unresponsive due to a status update failure, causing log transmission to stop unexpectedly.
    1230144, 1235745

    Exception is created on the wrong security event.
    1233707, 1234310

    Adding an incident comment is logged with a default user information.
    1232273, 1233766

    Sorting by total number does not correctly order the values in Incident View.
    1217982, 1222702

    Wrong file or process name is displayed while the correct file has been remediated.
    1227989, 1250027, 1228723

    Applying the “Malicious” classification filter prevents associated raw events from being displayed.
    1252095, 1252561

    Applying a filter prevents exporting the Collectors report in the Inventory.
    1252094, 1226670, 1252560

    Incidents sometimes appear as unclickable duplicates when you scroll or hover in the UI.
    1251352

    Certain events are partially saved during consolidation.
    1254115, 1252688, 1250220

    Editing an exception incorrectly displays an event as "deleted".
    1244654, 1246159, 1244724, 1244129, 1246479

    Potential error in consolidation flow.
    1243125, 1251355

    Multiple entities are marked as erased but are not actually cleaned from the database.
    1230520, 1240181

    When creating an exception via handling an event, selecting an IP from the destination list incorrectly selects all IPs.
    1240953, 1245595, 1242029

    Deleting an event while using a filter results in deletion of multiple events within the same aggregation.
    1227194, 1243039, 1227652

    Changing an exception’s destination from "Specific" to "All Destinations" incorrectly triggers a “cannot select both” error.

    1234354, 1235517, 1245708, 1237735

    Performance issue with event processing.
    1250351, 1251431

    Security Policy Search fails due to an internal error.
    1248720, 1249641

    Error when creating an exception on a specific event.
    1243641, 1244635

    Issue with exporting unmanaged devices list.
    1252134, 1254404

    Click "Add Connector" and the dropdown shows most connector options grayed out.

    1111981, 1218423

    When syslog field values are too long, the first max characters will be displayed.
    Previous
    Next