thehackernews.com·Apr 5, 2026
Fortinet has issued out-of-band patches for a critical vulnerability (CVE-2026-35616) in FortiClient EMS that allows pre-authentication API access bypass and privilege escalation, which has already been exploited in the wild.
For a cybersecurity professional focused on threat intelligence and incident response, the key actionable insight is the immediate need to deploy the out-of-band patches released by Fortinet for the CVE-2026-35616 vulnerability in FortiClient EMS. This flaw, which allows pre-authentication API access bypass and privilege escalation, is actively exploited in the wild, underscoring the urgency for prompt patch management to mitigate potential threats.