Critical SQL Injection Vulnerability in Fortinet FortiClientEMS

Critical SQL Injection Vulnerability in Fortinet FortiClientEMS

First seen 10 Feb 2026, 04:55 UTC ThehackernewsRedhotcyberCybersecuritynewsGbhackersCyberpress+14 78% similarity 65.1

Article Content

Browse articles
ThreatCluster

A critical SQL injection vulnerability, identified as CVE-2026-21643, has been discovered in Fortinet FortiClientEMS version 7.4.4. This flaw allows unauthenticated attackers to execute unauthorized code or commands, posing significant risks to affected systems.

ThreatCluster AI

Timeline

2026-02-06
CVE-2026-21643 published
2026-02-06
First public PoC released
2026-02-07
Redhotcyber reports on vulnerability
2026-02-09
Arcticwolf reports on vulnerability

Community

Browse all →