thehackernews.com·Apr 14, 2026
CISA has added six security vulnerabilities to its Known Exploited Vulnerabilities catalog, including a critical SQL injection flaw in Fortinet FortiClient EMS (CVE-2026-21643) with a CVSS score of 9.1, indicating active exploitation.
For a cybersecurity professional, the key takeaway is the active exploitation of CVE-2026-21643, an SQL injection vulnerability in Fortinet FortiClient EMS with a high CVSS score of 9.1. Immediate action should be taken to assess and patch this vulnerability to prevent unauthorized access, particularly in environments using Fortinet products. Staying updated with CISA's KEV catalog is crucial for proactive threat management and incident response planning.