CVE-2026-35616: FortiClient EMS API Auth Bypass Enables Command Execution Fortinet disclosed a critical vulnerability in Fortinet FortiClient EMS (Enterprise Management Server) tracked as CVE-2026-35616. Fortinet also says it has observed in-the-wild exploitation and released out-of-band hotfix guidance for affected builds. This post breaks down what CVE-2026-, who is affected, and what defenders should do […]