Fortinet Issues Urgent Advisory for Critical Vulnerability in FortiClientEMS

Fortinet has issued an urgent advisory regarding a critical vulnerability in FortiClientEMS, identified under the code CVE-2026-21643 with a CVSS score of 9.1. This flaw, classified as an SQL injection, allows remote attackers to execute malicious code without requiring authentication. The vulnerability resides in the incorrect neutralization of special elements used in an SQL command.