[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:new-forticlient-ems-flaw-exploited-in-attacks-emergency-patch-released-mnn9mfvv":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":13,"action_required":16,"article_ids":17,"ioc_summary":19,"source_urls":20,"status":22,"expires_at":23,"created_at":24,"updated_at":25,"articles":26},"3c5d3231-9cfd-4dec-870e-98603bc81dd5","New FortiClient EMS flaw exploited in attacks, emergency patch released","new-forticlient-ems-flaw-exploited-in-attacks-emergency-patch-released-mnn9mfvv","Fortinet released an emergency patch for CVE-2026-35616, a critical pre-authentication RCE vulnerability in FortiClient EMS 7.4.5 and 7.4.6. This flaw is actively exploited in the wild with over 2,000 exposed instances identified online. Any organization running vulnerable versions faces immediate risk of unauthenticated remote code execution.","critical","advisory",[12],"CVE-2026-35616",[14,15],"Fortinet","FortiClient EMS","Immediately identify and inventory all FortiClient EMS 7.4.5 and 7.4.6 instances in your environment. Apply hotfix or upgrade to 7.4.7 today. Hunt for exploitation attempts in API access logs targeting unauthenticated endpoints and monitor for unexpected RCE activity on affected systems.",[18],"ef4322c3-57f5-456b-b03c-85d03bf95bb8",null,[21],"https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fnew-fortinet-forticlient-ems-flaw-cve-2026-35616-exploited-in-attacks\u002F","archived","2026-04-08T14:08:05.157+00:00","2026-04-06T14:08:09.530694+00:00","2026-04-08T14:09:00.855281+00:00",[27],{"id":18,"title":6,"url":21}]