
CISA KEV listing and FCEB patch order for CVE-2026-35616

Public Sector Action
Happening score: 45
1 unique source, 1 article

Summary


CISA added CVE-2026-35616 to the KEV Catalog and ordered FCEB agencies to patch FortiClient EMS by Thursday midnight, April 9. The mandate matters because the flaw is already exploited in the wild and can let attackers bypass authentication and authorization controls. CISA tied the order to BOD 22-01, making the remediation deadline compulsory for the affected federal systems.

Related Happenings

CERT-In 12-hour KEV remediation guidance

Advisory/Mitigation
First: 26.05.2026 13:30 Last: 26.05.2026 13:30 Sources 1

About this happening: CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...

CISA orders FCEB patching for CVE-2026-9082

Public Sector Action
First: 26.05.2026 11:46 Last: 26.05.2026 11:46 Sources 1

About this happening: **CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...

CISA emergency patch deadline for Ivanti EPMM

Public Sector Action
First: 08.05.2026 15:16 Last: 08.05.2026 15:16 Sources 1

About this happening: CISA ordered **U.S. federal agencies** to patch **Ivanti EPMM** by **midnight Sunday, May 10** after adding **CVE-2026-6973** to its list of vulnerabilities exploited in attacks....

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

CISA KEV listing and FCEB firewall directive for CVE-2026-0300

Public Sector Action
First: 07.05.2026 13:57 Last: 07.05.2026 13:57 Sources 1

About this happening: **CISA** added **CVE-2026-0300** to the **KEV Catalog** and ordered **FCEB agencies** to secure vulnerable firewalls by **May 9, 2026**. The federal directive makes the exploited...

Timeline

  1. 06.04.2026 19:02 2 articles · 1mo ago

    CISA adds CVE-2026-35616 to KEV and orders FCEB patching

    Legal Policy Action Update

    CISA added CVE-2026-35616 to the Known Exploited Vulnerabilities (KEV) Catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to patch FortiClient EMS instances by Thursday midnight, April 9, under Binding Operational Directive (BOD) 22-01.

  2. 06.04.2026 19:02 1 article · 1mo ago

    Defused identifies CVE-2026-35616 in FortiClient EMS as a pre-auth access bypass

    Technical Analysis Update

    Defused identified CVE-2026-35616 as a pre-authentication API access bypass in FortiClient Enterprise Management Server (EMS) that can let attackers bypass authentication and authorization controls entirely. Fortinet released emergency hotfixes for FortiClient EMS 7.4.5 and 7.4.6 and said unauthenticated attackers can execute code or commands via specially crafted requests. Shadowserver tracked nearly 2,000 exposed instances, with more than 1,400 IPs in the United States and Europe.
