Three chained Linux kernel local privilege escalation vulnerabilities — Dirty Frag (CVE-2026-43284, CVE-2026-43500) and Fragnesia (CVE-2026-46300) — allow an unprivileged local attacker to achieve root on affected Linux systems, with Microsoft confirming limited in-the-wild exploitation as of May 8, 2026. Fortinet is actively investigating impact across FortiEDR, FortiNAC-F, FortiSOAR, and FortiClient EMS, creating compounded risk where the security controls meant to detect this exploitation may themselves be impaired.