Fortinet News Articles

Recent news articles referencing the vendor's vulnerabilities.

PoC Exploit Released for FortiSandbox Vulnerability that Allows Attacker to Execute Commands - IT Security News

A proof-of-concept (PoC) exploit has been publicly released for a critical vulnerability in Fortinet’s FortiSandbox product, tracked as CVE-2026-39808. The flaw allows an unauthenticated attacker to execute arbitrary operating system commands as root, the highest privilege level, without requiring a...

2 weeks ago

PoC Released for FortiSandbox Flaw Enabling Arbitrary Command Execution - IT Security News

A proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox. Tracked as CVE-2026-39808, this severe vulnerability allows an unauthenticated attacker to execute arbitrary commands on the underlying operating system with the highest level of…

2 weeks ago

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

CISA adds six exploited vulnerabilities, including Fortinet and Exchange flaws, requiring FCEB patching by April 27, 2026.

2 weeks ago

U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog - IT Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Fortinet FortiClient EMS, tracked as CVE-2026-35616 (CVSS score of…

3 weeks ago

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

Fortinet issues emergency patches for CVE-2026-35616, a FortiClient EMS zero-day vulnerability that has been exploited in the wild.

3 weeks ago

Fortinet Issues Emergency Patch for FortiClient Zero-Day

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

3 weeks ago

CISA Warns of Fortinet 0-Day Vulnerability Actively Exploited in Attacks - IT Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-35616, a critical improper access control vulnerability in Fortinet FortiClient Enterprise Management Server (EMS), to its Known Exploited Vulnerabilities (KEV) catalog on April 6, 2026, mandating federal agencies to...

3 weeks ago

CISA Warns of Fortinet 0-Day Vulnerability Actively Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-35616, a critical improper access control vulnerability in Fortinet FortiClient Enterprise Management Server (EMS), to its Known Exploited Vulnerabilities (KEV) catalog on April 6, 2026, mandating federal agencies to...

3 weeks ago

CISA orders feds to patch exploited Fortinet EMS flaw by Friday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS) instances against an actively exploited vulnerability by Friday.

3 weeks ago

New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

Fortinet warns of a critical FortiClient EMS zero-day vulnerability that is currently being exploited, allowing attackers to bypass authentication and execute commands.

3 weeks ago

CVE-2026-35616: FortiClient EMS Flaw Under Active Exploitation | eSecurity Planet

A critical FortiClient EMS vulnerability (CVE-2026-35616) is under active exploitation, allowing unauthenticated attackers to bypass API protections.

3 weeks ago

Fortinet CVE-2026-35616 Actively Exploited - Decipher

The company published an advisory on Saturday and urged all customers who are running affected versions of the software to install the hotfix as quickly as possible. The bug affects versions 7.4.5 and 7.4.6 of FortiClient EMS. 

3 weeks ago

Week In Review: Axios Npm Supply Chain Compromise, Critical FortiClient EMS Bugs Exploited - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

4 weeks ago

Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity

4 weeks ago

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

CVE-2026-35616 (CVSS 9.1) exploited since March 31, 2026, affects FortiClient EMS 7.4.5–7.4.6, enabling privilege escalation.

4 weeks ago

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) - IT Security News

Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came almost immediately from Fortinet, as well. “Fortinet has observed [CVE-2026-3...

4 weeks ago

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) - Help Net Security

Defused Cyber spotted a critical Fortinet FortiClient EMS zero-day (CVE-2026-35616) being exploited in the wild this week

4 weeks ago

Critical Fortinet FortiClient EMS 0-Day Vulnerability Actively Exploited in the Wild - IT Security News

Fortinet has issued an emergency hotfix after security researchers disclosed a critical zero-day vulnerability in FortiClient EMS that is already being actively exploited by threat actors. Tracked as CVE-2026-35616 and carrying a CVSSv3 score of 9.1 (Critical), the flaw enables…

4 weeks ago

Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single sign-on (SSO) authentication.

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? - Help Net Security

CVE-2025-59718, an auth bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to have persisted.

Fortinet confirms critical FortiCloud auth bypass not fully patched

Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it's working to fully address a critical FortiCloud SSO authentication bypass vulnerability that should have already been patched since early December.

Fortinet Firewalls Hit With Malicious Configuration Changes

Automated infections of potentially fully patched FortiGate devices are allowing threat actors to steal firewall configuration files.

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf.

Fortinet admins report patched FortiGate firewalls getting hacked

Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls.

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses.
