New FortiClient EMS flaw exploited in attacks, emergency patch released

Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks.
SecurityWeek

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors have started exploiting CVE-2026-21643, a critical vulnerability in Fortinet FortiClient EMS leading to remote ...

FortiClient EMS: Critical code-injection vulnerability is being exploited

Fortinet has provided hotfixes and strongly advises admins to apply them quickly. They patch an exploited code-injection ...
CSO Online

Fortinet hit by another exploited cybersecurity flaw

A critical SQL injection flaw in FortiClient EMS allows remote code execution and data exfiltration, leaving thousands of ...

Critical Fortinet Forticlient EMS flaw now exploited in attacks

Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused.