CVE-2026-35616

Overview

Fortinet
FortiClientEMS

04 Apr 2026

Published

04 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

0.03%

MITRE

KEV

Description

A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

Statistics

11 Posts
11 Interactions

Last activity: Last hour

Fediverse

DragonJAR @dragonjar

Fortinet ha corregido una vulnerabilidad crítica que permitía escalada de privilegios y ha sido explotada desde marzo, mientras una campaña rusa de desinformación impacta la seguridad informativa en Argentina y la arquitectura sólida demuestra ser clave para el éxito seguro de la inteligencia artificial empresarial. Descubre estos y más detalles en el siguiente listado de noticias sobre seguridad informática:

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 05/04/26 📆 |====

🔒 FORTINET CORRIGE VULNERABILIDAD CRÍTICA CVE-2026-35616

Fortinet ha lanzado un parche para la vulnerabilidad CVE-2026-35616, con una severidad CVSS de 9.1, que ha sido explotada activamente desde marzo de 2026. Esta falla afecta a FortiClient EMS versiones 7.4.5 a 7.4.6 y permite a atacantes escalar privilegios, poniendo en riesgo infraestructuras protegidas por esta solución. Es crucial actualizar cuanto antes para evitar posibles brechas graves en la seguridad corporativa.
Descubre cómo proteger tu sistema y actúa ya aquí 👉 https://djar.co/taQymi

🌐 INVESTIGACIÓN REVELA CAMPAÑA DE DESINFORMACIÓN RUSA EN ARGENTINA

Un estudio reciente expone una presunta campaña de influencia rusa que habría financiado artículos en medios digitales argentinos con la intención de desacreditar al gobierno local. Esta operación de desinformación pone en evidencia la importancia de fortalecer la alfabetización mediática y la seguridad en la gestión de la información pública. Mantente informado sobre las tácticas usadas en ataques informativos.
Lee el análisis completo y su impacto aquí 👉 https://djar.co/c4pWDF

🤖 IA EN LA EMPRESA: EL ROL CLAVE DE LA ARQUITECTURA PARA EL ÉXITO

El despliegue efectivo de inteligencia artificial en las empresas ha evolucionado: no solo el modelo de IA importa, sino la arquitectura que lo sustenta. Tras años de inversiones, se reconoce que una infraestructura adecuada es esencial para maximizar resultados, reducir riesgos y escalar soluciones inteligentes con seguridad. Conoce las claves para transformar tu estrategia de IA y obtener verdadero impacto.
Explora las mejores prácticas y casos de éxito aquí 👉 https://djar.co/WvEdC

0
1
0
13h ago

𝔸𝕟𝕠𝕟𝕪𝕞𝕠𝕦𝕤 :verified: @youranonnewsirc

Recent global developments on April 4, 2026:

Geopolitical: Trump challenges NATO's future over "Operation Epic Fury" participation; US-Iran conflict ongoing, Planet Labs withholds satellite images.
Technology: AI breakthroughs include Google DeepMind's Alpha Green for code optimization & OpenAI's GPT-6 on smartphones. Green compute initiatives accelerate.
Cybersecurity: Fortinet zero-day (CVE-2026-35616) exploited; EC suffers Trivy supply chain breach. New polymorphic malware & AI-generated bot threats emerge.

#AnonNews_irc #Cybersecurity #News

0
0
0
20h ago

Claudio C @cktodon

Fortinet corrige una #vulnerabilidad crítica explotada activamente en FortiClient EMS (CVE-2026-35616)

https://unaaldia.hispasec.com/2026/04/fortinet-corrige-una-vulnerabilidad-critica-explotada-activamente-en-forticlient-ems-cve-2026-35616.html?utm_source=rss&amp

0
0
0
9h ago

cc @sparta

New FortiClient EMS flaw exploited in attacks, emergency patch released https://www.bleepingcomputer.com/news/security/new-forticlient-ems-flaw-cve-2026-35616-exploited-in-attacks/

0
0
0
5h ago

𝔸𝕟𝕠𝕟𝕪𝕞𝕠𝕦𝕤 :verified: @youranonnewsirc

US-Iran geopolitical tensions escalate with downed aircraft and President Trump's threats. (Apr 5, 2026) On technology, Microsoft announced a ¥1.6 trillion investment in Japan for AI infrastructure and cybersecurity. (Apr 4, 2026) In cybersecurity, a critical Fortinet EMS zero-day (CVE-2026-35616) is actively exploited, and the EU Commission confirmed a 300GB data breach from a Trivy supply chain attack. (Apr 4, 2026)

#Cybersecurity #Geopolitics #TechNews

0
0
0
4h ago

Bluesky

Philippe Vynckier @pvynckier.bsky.social

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS thehackernews.com/2026/04/fort...

1
1
0
15h ago

Ninja Owl @ninjaowl.ai

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

1
1
0
4h ago

Undercode Testing @undercode.bsky.social

CVE-2026-35616: FortiClient EMS Under Active Attack – Unauthenticated RCE via API Bypass + Video Introduction: FortiClient Enterprise Management Server (EMS) is a centralized management platform for Fortinet’s endpoint security solutions, widely deployed to enforce VPN policies, manage endpoint…

0
0
0
19h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Fortinet patches critical CVE-2026-35616 affecting FortiClient EMS 7.4.5–7.4.6, allowing unauthenticated API access bypass and remote code execution. Update to 7.4.7 to fix. #Fortinet #APIBypass #USA

0
0
0
Last hour

The Shadowserver Foundation @shadowserver.bsky.social

Heads up FortiClient EMS users! CVE-2026-35616 (new) & CVE-2026-21643 - both unauthenticated RCE observed to be exploited in the wild! We fingerprint about 2000 instances globally, see public Dashboard: dashboard.shadowserver.org/statistics/i... Top affected: US & Germany

1
5
0
6h ago

The Shadowserver Foundation @shadowserver.bsky.social

Patch info: CVE-2026-35616 (0day reported by Defused Cyber): fortiguard.fortinet.com/psirt/FG-IR-... CVE-2026-21643: fortiguard.fortinet.com/psirt/FG-IR-...

0
0
0
6h ago

CVE-2025-55182

Overview

Meta
react-server-dom-webpack

03 Dec 2025

Published

26 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

66.27%

MITRE

KEV

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

2 Posts
8 Interactions

Last activity: 10 hours ago

Bluesky

BleepingComputer @bleepingcomputer.com

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps.

3
4
0
10h ago

Philippe Vynckier @pvynckier.bsky.social

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials thehackernews.com/2026/04/hack...

0
1
0
15h ago

CVE-2024-23380

Overview

Qualcomm, Inc.
Snapdragon

01 Jul 2024

Published

01 Aug 2024

Updated

CVSS v3.1

HIGH (8.4)

EPSS

0.18%

MITRE

KEV

Description

Memory corruption while handling user packets during VBO bind operation.

Statistics

2 Posts
2 Interactions

Last activity: 4 hours ago

Fediverse

buherator @buherator

[RSS] A Technical Deep Dive into CVE-2024-23380: Exploiting GPU Memory Corruption to Android Root

https://androidoffsec.withgoogle.com/posts/a-technical-deep-dive-into-cve-2024-23380-exploiting-gpu-memory-corruption-to-android-root/

0
1
0
4h ago

Bluesky

buherator @buherator.bsky.social

[RSS] A Technical Deep Dive into CVE-2024-23380: Exploiting GPU Memory Corruption to Android Root androidoffsec.withgoogle.com -> Original->

0
1
0
4h ago

CVE-2026-33579

Overview

OpenClaw
OpenClaw

31 Mar 2026

Published

02 Apr 2026

Updated

CVSS v4.0

HIGH (8.6)

EPSS

0.01%

MITRE

KEV

Description

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes including admin access by exploiting the missing scope validation in extensions/device-pair/index.ts and src/infra/device-pairing.ts.

Statistics

2 Posts

Last activity: 17 hours ago

Bluesky

Hacker News 500 Points @newsyc500.bsky.social

OpenClaw privilege escalation vulnerability https://nvd.nist.gov/vuln/detail/CVE-2026-33579 (http://news.ycombinator.com/item?id=47628608)

0
0
0
17h ago

角征典／Masanori Kado @kdmsnr.com

🌐OpenClawの権限昇格の脆弱性 https://nvd.nist.gov/vuln/detail/CVE-2026-33579 via #HackerNews

0
0
0
17h ago

CVE-2025-70951

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

2 Posts
10 Interactions

Last activity: 8 hours ago

Bluesky

Catalin Cimpanu @campuscodi.risky.biz

There's a new unauth remote code execution bug in the CentOS Control Web Panel web hosting toolkit, tracked as CVE-2025-70951, that will need patching in the coming days fenrisk.com/rce-centos-w...

4
6
1
8h ago

CVE-2025-6514

Overview

mcp-remote

09 Jul 2025

Published

09 Jul 2025

Updated

CVSS v3.1

CRITICAL (9.6)

EPSS

1.46%

MITRE

KEV

Description

mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL

Statistics

1 Post
2 Interactions

Last activity: 17 hours ago

Bluesky

r/netsec bot @r-netsec.bsky.social

When OAuth Becomes a Weapon: Lessons from CVE-2025-6514

1
1
0
17h ago

CVE-2026-4747

Overview

FreeBSD
FreeBSD

26 Mar 2026

Published

02 Apr 2026

Updated

CVSS

Pending

EPSS

0.18%

MITRE

KEV

Description

Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet. This routine copies a portion of the packet into a stack buffer, but fails to ensure that the buffer is sufficiently large, and a malicious client can trigger a stack overflow. Notably, this does not require the client to authenticate itself first. As kgssapi.ko's RPCSEC_GSS implementation is vulnerable, remote code execution in the kernel is possible by an authenticated user that is able to send packets to the kernel's NFS server while kgssapi.ko is loaded into the kernel. In userspace, applications which have librpcgss_sec loaded and run an RPC server are vulnerable to remote code execution from any client able to send it packets. We are not aware of any such applications in the FreeBSD base system.

Statistics

1 Post
1 Interaction

Last activity: 6 hours ago

Fediverse

Graham Perrin @grahamperrin

CVE-2026-4747

Re what's quoted in the opening post at <https://forums.freebsd.org/threads/102251/>, please note that Nicholas Carlini has not yet made a public statement about findings.

(I should not treat notebookcheck.net as an authoritative source on this matter.)

#FreeBSD #security

0
1
0
6h ago

CVE-2026-3445

Overview

properfraction
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress

04 Apr 2026

Published

04 Apr 2026

Updated

CVSS v3.1

HIGH (7.1)

EPSS

0.02%

MITRE

KEV

Description

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to unauthorized membership payment bypass in all versions up to, and including, 4.16.11. This is due to a missing ownership verification on the `change_plan_sub_id` parameter in the `process_checkout()` function. This makes it possible for authenticated attackers, with subscriber level access and above, to reference another user's active subscription during checkout to manipulate proration calculations, allowing them to obtain paid lifetime membership plans without payment via the `ppress_process_checkout` AJAX action.

Statistics

1 Post

Last activity: 19 hours ago

Fediverse

OffSequence @offseq

🚨 HIGH severity: CVE-2026-3445 in ProfilePress plugin lets subscriber-level users bypass paid memberships via missing authorization in process_checkout(). No patch yet. Restrict privileges & monitor activity. Details: https://radar.offseq.com/threat/cve-2026-3445-cwe-862-missing-authorization-in-pro-38b78a54 #OffSeq #WordPress #Vuln

0
0
0
19h ago

CVE-2026-5425

Overview

trustindex
Widgets for Social Photo Feed

04 Apr 2026

Published

04 Apr 2026

Updated

CVSS v3.1

HIGH (7.2)

EPSS

0.06%

MITRE

KEV

Description

The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'feed_data' parameter keys in all versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Statistics

1 Post

Last activity: 16 hours ago

Fediverse

OffSequence @offseq

⚠️ HIGH severity: Stored XSS (CVE-2026-5425) in trustindex Widgets for Social Photo Feed (≤1.7.9) allows unauthenticated attackers to inject malicious scripts via 'feed_data'. No patch yet — disable plugin. Details: https://radar.offseq.com/threat/cve-2026-5425-cwe-79-improper-neutralization-of-in-1c7aa2af #OffSeq #WordPress #XSS #Vuln

0
0
0
16h ago

CVE-2026-5605

Overview

Tenda
CH22

05 Apr 2026

Published

05 Apr 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

Pending

MITRE

KEV

Description

A weakness has been identified in Tenda CH22 1.0.0.1. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

Statistics

1 Post

Last activity: Last hour

Fediverse

OffSequence @offseq

🚨 HIGH severity: CVE-2026-5605 in Tenda CH22 v1.0.0.1 — stack-based buffer overflow in /goform/WrlExtraSet. No patch yet. Restrict remote access & monitor for threats. Details: https://radar.offseq.com/threat/cve-2026-5605-stack-based-buffer-overflow-in-tenda-5175b382 #OffSeq #Vulnerability #IoTSecurity

0
0
0
Last hour