Fortinet FortiClientEMS security update for CVE-2026-21643
Security Patch Release
Summary
Hide ▲
Show ▼
Fortinet released security updates for FortiClientEMS to fix CVE-2026-21643, a critical SQL injection flaw that could let an unauthenticated attacker execute arbitrary code or commands. The issue carries a CVSS 9.1 score and affects FortiClientEMS 7.4.4, which should be upgraded to 7.4.5 or above. Fortinet says 7.2 and 8.0 are not affected.
Related Happenings
FortiBleed multi-vendor brute-force wave
Exploitation Wave
H score75
First: 23.06.2026 21:20
Last: 23.06.2026 21:20
Sources 1
About this happening:
A **multi-vendor brute-force wave** tied to **FortiBleed** is hitting **Fortinet, Synology, Sophos, Citrix, RDWeb, and MS-SQL** targets, expanding the risk from one firewall-focus...
FortiBleed multi-vendor brute-force wave
Exploitation WaveAbout this happening: A **multi-vendor brute-force wave** tied to **FortiBleed** is hitting **Fortinet, Synology, Sophos, Citrix, RDWeb, and MS-SQL** targets, expanding the risk from one firewall-focus...
FortigateSniffer FortiOS packet-sniffer credential-harvesting tool
Malware Activity
H score72
First: 22.06.2026 23:01
Last: 22.06.2026 23:01
Sources 1
About this happening:
**FortigateSniffer** is a **Golang-based credential-harvesting tool** used in the **FortiBleed** operation against **FortiGate firewalls**. It abuses **FortiOS** packet-sniffing f...
FortigateSniffer FortiOS packet-sniffer credential-harvesting tool
Malware ActivityAbout this happening: **FortigateSniffer** is a **Golang-based credential-harvesting tool** used in the **FortiBleed** operation against **FortiGate firewalls**. It abuses **FortiOS** packet-sniffing f...
FortiGate firewall and SSL VPN customers data exposed after Fortinet breach
Data Leak
H score93
First: 22.06.2026 11:30
Last: 22.06.2026 11:30
Sources 1
About this happening:
The **FortiBleed** credential leak exposed **around 75,000 stolen logins** from **FortiGate firewall and SSL VPN customers**, creating immediate account-takeover risk for affected...
FortiGate firewall and SSL VPN customers data exposed after Fortinet breach
Data LeakAbout this happening: The **FortiBleed** credential leak exposed **around 75,000 stolen logins** from **FortiGate firewall and SSL VPN customers**, creating immediate account-takeover risk for affected...
FortiBleed Fortinet/FortiGate VPN credential leak
Data Leak
H score80
First: 17.06.2026 18:12
Last: 17.06.2026 18:12
Sources 1
About this happening:
**FortiBleed** is a **data leak** of **Fortinet/FortiGate VPN credentials** that now includes a verified database of **86,644 confirmed working credentials** collected from **inte...
FortiBleed Fortinet/FortiGate VPN credential leak
Data LeakAbout this happening: **FortiBleed** is a **data leak** of **Fortinet/FortiGate VPN credentials** that now includes a verified database of **86,644 confirmed working credentials** collected from **inte...
Latest development: 19.06.2026 09:47
CISA urged Fortinet customers to secure FortiGate appliances after nearly 74,000 firewall and VPN credentials were exposed in the FortiBleed leak. The agency advised affected owners to terminate SSL VPN and administrative sessions, reset VPN and administrative passwords, enable phishing-resistant multifactor authentication, review logs for unauthorized access or lateral movement, store admin credentials with PBKDF2, restrict firewall management interfaces from public internet access, and remove unauthorized accounts.
Fortinet security patch release for CVE-2026-39813
Security Patch Release
H score41
First: 16.06.2026 12:19
Last: 16.06.2026 12:19
Sources 1
About this happening:
**Fortinet** released **April 14** security updates for **FortiSandbox**, covering **CVE-2026-39813**, **CVE-2026-39808**, and **CVE-2026-25089**. The patch release fixes **three...
Fortinet security patch release for CVE-2026-39813
Security Patch ReleaseAbout this happening: **Fortinet** released **April 14** security updates for **FortiSandbox**, covering **CVE-2026-39813**, **CVE-2026-39808**, and **CVE-2026-25089**. The patch release fixes **three...
Timeline
-
10.02.2026 06:38 3 articles · 4mo ago
Fortinet releases FortiClientEMS security update for CVE-2026-21643
Mitigation Patch UpdateFortinet released security updates for FortiClientEMS to fix CVE-2026-21643, a critical SQL injection vulnerability with CVSS 9.1 that could let an unauthenticated attacker execute unauthorized code or commands via specifically crafted HTTP requests. FortiClientEMS 7.4.4 should be upgraded to 7.4.5 or above, while FortiClientEMS 7.2 and FortiClientEMS 8.0 are not affected.
Show sources
- Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution — thehackernews.com — 10.02.2026 06:38
- Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution — thehackernews.com — 10.02.2026 06:38
- Fortinet BIG-IP Vulnerability Reclassified as RCE, Under Exploitation — www.darkreading.com — 30.03.2026 21:24