| Metric | Value |
|---|---|
| CVEs | 1 |
| Critical | 1 |
| High | 0 |
| KEV | 1 |
| PoC | 1 |
| Unpatched C/H | 1 |
| Patch Rate | 0.0% |
| Avg EPSS | 0.0% |
Severity Breakdown
| Severity | Count |
|---|---|
| CRITICAL | 1 |
| HIGH | 0 |
| MEDIUM | 0 |
| LOW | 0 |
Monthly CVE Trend
Affected Products (30)
| Product | Count |
|---|---|
| Fortios | 41 |
| Fortimanager | 27 |
| Fortiweb | 26 |
| Command Injection | 21 |
| Fortianalyzer | 20 |
| Fortiproxy | 18 |
| Fortimanager Cloud | 16 |
| Forticlient | 11 |
| Fortivoice | 10 |
| Fortianalyzer Cloud | 10 |
| Stack Overflow | 10 |
| Fortirecorder | 8 |
| Windows | 8 |
| Fortisase | 6 |
| Fortisandbox | 5 |
| Fortimail | 5 |
| Forticlientems | 5 |
| Fortipam | 5 |
| Fortisiem | 4 |
| Fortiportal | 4 |
| Fortiadc | 4 |
| Fortiswitchmanager | 3 |
| Fortideceptor | 3 |
| Integer Overflow | 3 |
| Heap Overflow | 2 |
| Ldap | 2 |
| Fortiisolator | 2 |
| Fortindr | 2 |
| Fortianalyzer Big Data | 2 |
| Forticamera Firmware | 2 |
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-35616 | Remote code execution in Fortinet FortiClientEMS versions 7.4.5 through 7.4.6 allows unauthenticated attackers to execute arbitrary code via crafted network requests. The vulnerability stems from improper access control (CWE-284) and requires no user interaction or privileges (CVSS PR:N). With a CVSS score of 9.1 (Critical) and low attack complexity, this represents a severe exposure for organizations using affected FortiClientEMS versions. The CVSS temporal metrics indicate functional exploit code exists (E:F) with an official fix available (RL:O), making this a high-priority patching target despite no confirmed active exploitation (not present in CISA KEV). | CRITICAL | 9.8 | 0.0% | 124 | KEV, PoC, No patch |