Cve-2026-21643

vulnerabilities 2026-04-15
CVE-2026-21643: Pre-Auth SQL Injection in FortiClient EMS 7.4.4 Under Active Exploitation — CISA Deadline Tomorrow
Critical pre-authentication SQL injection in Fortinet FortiClient EMS 7.4.4 is being actively exploited. CISA KEV remediation deadline is April 16, 2026.
fortinet forticlient-ems sql-injection cisa-kev cve-2026-21643 pre-auth active-exploitation