FortiClient Endpoint Management Server

Fortinet FortiClientEMS Vulnerability Exploited in the Wild (CVE-2026-35616)

Posted by Diksha Ojha on April 6, 2026April 6, 2026

Fortinet released a security advisory to address an actively exploited vulnerability impacting FortiClientEMS. Tracked as CVE-2026-35616, the vulnerability has a critical severity rating with a CVSS score of 9.1. Successful exploitation may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

FortiClient Endpoint Management Server (EMS) SQL Injection Vulnerability (CVE-2026-21643)

Posted by Diksha Ojha on February 11, 2026April 14, 2026

Fortinet released a security advisory to address a critical severity vulnerability impacting FortiClientEMS. Tracked as CVE-2026-21643, successful exploitation of the vulnerability could lead to arbitrary code execution on the target system. The vulnerability has a CVSS score of 9.1.

FortiClient Endpoint Management Server (EMS) SQL Injection Vulnerability (CVE-2023-48788)

Posted by Diksha Ojha on March 18, 2024March 25, 2024

Fortinet addressed a critical severity vulnerability impacting the FortiClient Enterprise Management Server. Tracked as CVE-2023-48788, the vulnerability may allow an attacker to achieve code execution on affected systems. The vulnerability has been given a CVSS score of 9.3.