CVE-2026-21643 - Vulnerability Details

Threat entity extracted from intelligence sources

Frequency
11
occurrences
First Seen
February 7, 2026
Last Seen
May 12, 2026

CVE-2026-21643 is a vulnerability tracked across 3 threat clusters and 11 intelligence report mentions on ThreatCluster. First observed February 7, 2026; most recent activity May 12, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator — Bleepingcomputer · May 12, 2026
  • Risky Bulletin: Iranian password sprays came first, then came the missiles — News.Risky.Biz · April 1, 2026
  • CVE-2026-21643: Critical FortiClient EMS Vulnerability Enables Unauthenticated Remote ... — Socprime · February 10, 2026
  • Fortinet Fixes Critical FortiClientEMS RCE (CVE-2026-21643, CVSS 9.1). SQL injection flaw ... — X · February 10, 2026
  • Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code Execution — Linkedin · February 10, 2026
  • CVE-2026-21643: Critical SQL Injection in FortiClientEMS — Arcticwolf · February 9, 2026
  • Critical Fortinet FortiClientEMS flaw allows remote code execution — Securityaffairs.Co · February 9, 2026
  • Malicious code can slip through FortiClient EMS vulnerability — Heise.De · February 9, 2026

CVSS v3.1 Breakdown