A newly disclosed set of vulnerabilities affecting Fortinet’s endpoint management platform has raised serious concerns among cybersecurity professionals, particularly as both flaws are already being actively exploited.

The issues, tracked as CVE-2026-35616 and CVE-2026-21643, impact FortiClientEMS and expose systems to unauthenticated remote code execution (RCE), with attackers requiring no prior access to compromise affected servers. 

One of the vulnerabilities, CVE-2026-21643, stems from an improper neutralization of special elements in SQL commands, commonly referred to as a SQL Injection flaw (CWE-89). This weakness exists within the administrative interface of FortiClientEMS, all...