Fortinet Customers Face Active Exploitation of Critical Zero-Day Vulnerabilities

Fortinet customers are facing active exploitation of two critical zero-day vulnerabilities in FortiClient EMS, with attacks occurring over the past few weeks. The vulnerabilities have been assigned CVE-2026-35616, though a full patch remains pending. Security experts are urging users to apply an immediate hotfix to mitigate the risks. The flaws affect Fortinet’s endpoint management solution, which is widely used for enterprise security. No specific threat actors or targeted sectors were mentioned in the reported incidents.