Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Apr 16, 2026

CVE-2026-21643

Info
EPSS 0.0%CISA KEV
Fortinet/FortiClient EMS

Description

Referenced in article: ⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

EPSS — Exploit Probability

0.0%

Higher than 13.6% of all CVEs

Required Action

https://fortiguard.fortinet.com/psirt/FG-IR-25-1142 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21643

Related Articles (1)

Industry News

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Trivy backdoored, FBI buys location data, iOS DarkSword kit, WhatsApp usernames, Langflow RCE, Cisco FMC zero-day & critical CVEs to patch.

Mar 23, 2026

Risk Assessment

ELEVATED
In CISA KEV

Details

Severity
Info
EPSS
0.0%
CISA KEV
Yes
Ransomware
Unknown
Articles
1

Timeline

Published

Mar 28, 2026

Added to KEV

Apr 13, 2026

Remediation Due

Apr 16, 2026

Affected Product

Fortinet

FortiClient EMS

View all Fortinet CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE