CVE-2026-35616, a FortiClient EMS zero-day vulnerability patched in April, has been exploited in fresh infostealer attacks.

Fortinet’s FortiClient endpoint management software, meant to harden corporate and government machines, instead exposed them ...

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...

Fortinet warns of a critical FortiClient EMS zero-day vulnerability that is currently being exploited, allowing attackers to bypass authentication and execute commands. Fortinet disclosed a critical ...

The security management software Fortinet FortiClient EMS (Endpoint Management Server) poses a security problem itself due to a critical vulnerability. In February of this year, Fortinet provided a ...

Fortinet customers have been urged to update their FortiClient Enterprise Management Server (EMS) products after the vendor was forced to issue an emergency patch over the weekend. CVE-2026-35616 is a ...

A zero-day vulnerability exists in FortiClient EMS, which attackers are already exploiting in the wild. This allows them to inject and execute malicious code without prior authentication. Fortinet ...

Hackers have been exploiting a critical vulnerability in FortiClient Endpoint Management Server (FortiClient EMS) since at least the end of March. Fortinet has published an advisory and released an ...

The cybersecurity vendor released an emergency patch over the weekend to address the flaw in FortiClient Enterprise Management Server (EMS). Fortinet disclosed that it has observed exploitation of a ...

Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused. Tracked as CVE-2026-21643, this SQL injection ...