A critical zero-day vulnerability (CVE-2026-35616, CVSS 9.8) in Fortinet FortiClient Endpoint Management Server (EMS) is being actively exploited in the wild. Fortinet has released emergency hotfixes for FortiClient EMS versions 7.4.5 and 7.4.6, which are confirmed to be affected.
Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came almost immediately from Fortinet, as well. “Fortinet has observed [CVE-2026-35616] to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient EMS 7.4.5 and 7.4.6,” the company stated in a security advisory published on Saturday. About CVE-2026-35616 On Monday, Defused Cyber … More → The post FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) appeared first on Help Net Security .