CVE-2026-35616: Fortinet FortiClient EMS Improper Access Control
Fortinet FortiClient EMS Improper Access Control Vulnerability. Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
- CISA KEV-listed (remediation due 2026-04-09)
- EPSS 34.8% (97.1% percentile)