Improper Certificate Validation in Fortinet FortiClient EMS
CVE-2026-59836

6.7MEDIUM

Key Information:

Vendor

Fortinet

Vendor
CVE Published:
14 July 2026

What is CVE-2026-59836?

An improper certificate validation vulnerability exists in Fortinet's FortiClient EMS, spanning several versions from 7.2 to 7.4.5. This flaw may allow an attacker to exploit the system, leading to potential information disclosure. It is crucial for users to review their configurations and ensure that appropriate security measures are in place to mitigate the risks associated with this vulnerability.

Affected Version(s)

FortiClientEMS 7.4.3 <= 7.4.5

FortiClientEMS 7.4.0 <= 7.4.1

FortiClientEMS 7.2.12 <= 7.2.14

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.