Fortinet Issues Emergency Patch for FortiClient Zero-Day

Summary

Fortinet has issued an emergency patch for CVE-2026-35616, an authentication bypass vulnerability in FortiClient that has been actively exploited in the wild. This zero-day represents the latest in a growing series of Fortinet vulnerabilities targeted by threat actors. Organizations running affected FortiClient versions should prioritize patching immediately.

Indicators of Compromise

• cve — CVE-2026-35616

Entities