FortiMail - Memory leak in Webmail
A missing release of memory after its effective lifetime vulnerability (CWE-401) in FortiMail Webmail may allow an unauthenticated remote attacker to exhaust available memory via specifically crafted login requests.
FortiMail 6.4.4 and below,
FortiMail 6.2.6 and below.
Upgrade to FortiMail 7.0.0.
Upgrade to FortiMail 6.4.5.