Home/Tag/Cve 2026 21643

Cve 2026 21643

2 articles tagged with "Cve 2026 21643"

Vulnerabilities4 min read

Attackers Exploiting FortiClient EMS SQLi Flaw in the Wild

CVE-2026-21643 exploitation began March 26, six weeks after Fortinet's patch. Around 1,000 internet-exposed EMS instances remain vulnerable to unauthenticated RCE.

Marcus ChenMar 31, 2026

Vulnerabilities3 min read

Fortinet Patches Critical SQLi-to-RCE Flaw in FortiClientEMS

CVE-2026-21643 allows unauthenticated attackers to chain SQL injection with command execution in FortiClient EMS. CVSS 9.8 affects version 7.4.4—upgrade to 7.4.5 immediately.

Marcus ChenFeb 12, 2026