CVE-2026-21643 is a vulnerability tracked across 3 threat clusters and 11 intelligence report mentions on ThreatCluster. First observed February 7, 2026; most recent activity May 12, 2026.
In March 2026, a suspected Iranian APT group, identified as Gray Sandstorm, initiated a password spraying campaign targeting Microsoft 365 accounts of over 300 organizations in Israel and more than 25 in the UAE. The…
Fortinet has identified multiple critical vulnerabilities in its FortiSandbox and FortiAuthenticator products, which could allow unauthenticated attackers to execute arbitrary code remotely. The vulnerabilities are…
A critical SQL injection vulnerability, identified as CVE-2026-21643, has been discovered in Fortinet FortiClientEMS version 7.4.4. This flaw allows unauthenticated attackers to execute unauthorized code or commands,…