Bleeping Computer

Critical Fortinet Forticlient EMS flaw now exploited in attacks

Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused. Tracked as CVE-2026-21643, this SQL injection ...
Bleeping Computer

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...
CRN

Fortinet: ’Critical’ FortiClient EMS Vulnerability Exploited In Attacks

The cybersecurity vendor released an emergency patch over the weekend to address the flaw in FortiClient Enterprise Management Server (EMS). Fortinet disclosed that it has observed exploitation of a ...