CVE Watchtower


← Back to CVE List

CVE-2026-35616NVD

Vulnerability Summary

A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
Severity Level
CRITICAL(9.8)
Published Date
Apr 4, 2026
Last Modified
Apr 6, 2026
Exploitation Status
ACTIVE
EPSS Score (30-Day)
41.37%Probability
Root Weakness (CWE)
Refer to the official MITRE database for detailed architectural specifications regarding this weakness.
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh