Vulnerabilities5 min read
FortiClient EMS Zero-Day Under Active Exploit — Patch Now
CVE-2026-35616 lets attackers bypass API authentication in FortiClient EMS 7.4.5-7.4.6 for unauthenticated RCE. Exploitation began March 31. Emergency hotfixes available.
Marcus ChenApr 5, 2026