Signal
NCSC-2026-0107 [1.00] [H/H] Kwetsbaarheid verholpen in FortiClient EMS van Fortinet
Evidence first: scan the strongest sources, then decide whether to go deeper.
Published 2026-04-03 12:59 UTCUpdated 2026-04-04 14:09 UTC
rss
securityhelp_net_security
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
No card needed for the free brief.
Evidence trail (top sources)
top sources (3 domains)domains are deduped. counts indicate coverage, not truth.3 top sources shown
Overview
CVSSv3 Score: 9.1 An Improper Access Control vulnerability [CWE-284] in FortiClient EMS may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.Fortinet has observed this to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient EMS...
Score total
1.15
Momentum 24h
3
Posts
3
Origins
3
Source types
1
Duplicate ratio
0%
All evidence
All evidence
FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)
Help Net Security · helpnetsecurity.com · 2026-04-04 14:09 UTC
NCSC-2026-0107 [1.00] [H/H] Kwetsbaarheid verholpen in FortiClient EMS van Fortinet
NCSC NL Security Advisories · advisories.ncsc.nl · 2026-04-04 13:49 UTC
API authentication and authorization bypass
Fortinet PSIRT Blogs · fortiguard.fortinet.com · 2026-04-04 00:58 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -
Showing 3 / 0
Top publishers (this list)
- Help Net Security (1)
- NCSC NL Security Advisories (1)
- Fortinet PSIRT Blogs (1)
Top origin domains (this list)
- helpnetsecurity.com (1)
- advisories.ncsc.nl (1)
- fortiguard.fortinet.com (1)