Fortinet Issues Emergency Patch for FortiClient Zero-Day

Monday, April 6, 2026 at 08:24 PM UTC·Source: Dark Reading

Updated: Monday, April 6, 2026 at 08:41 PM UTC

Executive Summary

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

Analysis

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

Indicators of Compromise (1)

CVE (1)

CVE-2026-35616

NVD MITRE CVE

Source Attribution

Originally published by Dark Reading on Apr 6, 2026.

Related Threats

CRITICALZero Day

Fortinet customers confront actively exploited zero-day, with a full patch still pending

Two critical defects in FortiClient EMS have been exploited in the past couple weeks. Experts push for users to apply an immediate hotfix. The post Fortinet customers confront actively exploited zero-day, with a full patch still pending appeared first on CyberScoop .

3h agoCyberScoop

CRITICALZero DayPOC

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. [...]

5h agoBleepingComputer

CRITICALZero Day

Attackers Target Zero-Day Flaw in Fortinet Security Software

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/attackers-target-zero-day-flaw-in-fortinet-security-software-image_small-2-a-31344.jpg" align=right hspace=4><b>Vendor Issues Hotfix for Critical Flaw in FortiClient Endpoint Management Server</b><br>Fortinet's endpoint management security server software is under fire from attackers, who are actively targeting two critical flaws,

7h agoBank Info Security