CVE-2026-35616 is a critical zero-day in Fortinet FortiClient EMS (Endpoint Management Server) under active exploitation by threat actors delivering the EKZ infostealer disguised as a legitimate Fortinet software patch. The vulnerability is network-exploitable and has been confirmed by Arctic Wolf and watchTowr. Specific affected version ranges are not yet confirmed from available data; consult the Fortinet PSIRT advisory and NVD directly.