Fortinet FortiClientEMS 7.4.4 carries the highest CVSS score in this period (9.8): an unauthenticated SQL injection vulnerability (CVE-2026-21643) enables remote OS-level command execution against the EMS management server. CISA KEV and VulnCheck KEV both confirm active exploitation, making this a zero-tolerance remediation item; compromise of the EMS server grants adversaries visibility into, and potential control over, all enrolled endpoints. Immediate actions include restricting network access to the EMS server to trusted management IPs only, applying the Fortinet PSIRT patch, and rotating all EMS service account credentials.