Zero-day · Apr 6, 2026
‼️ CVE-2026-35616: FortiClient EMS Pre-Auth API Bypass Under Active Exploitation https://t.co/YN...
CVE-2026-35616 FortiClient EMS pre-auth API bypass actively exploited in the wild.
Summary
A pre-authentication API bypass vulnerability (CVE-2026-35616) in FortiClient EMS has been found to be under active exploitation. The flaw allows unauthenticated attackers to bypass API authentication controls, potentially granting unauthorized access to the endpoint management system. Immediate patching is recommended for all affected FortiClient EMS deployments.
Indicators of Compromise
- cve — CVE-2026-35616
Entities
- FortiClient EMS (product)
- Fortinet (vendor)