{"uuid": "a779bcf2-eb8d-4fcd-9905-61c30cc65e38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2026-21643", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/8380", "content": "\ud83d\udea8\ud83d\udee1\ufe0f Fortinet Fixes Critical FortiClientEMS RCE (CVE-2026-21643, CVSS 9.1).\n\nSQL injection flaw enables unauthenticated remote command execution via crafted requests. Affects EMS 7.4.4 (patch available).\n\nSeparate FortiCloud SSO bug is actively exploited for admin persistence and firewall config theft.\n\n\ud83d\udd17 See affected versions and patch guidance \u2192 https://thehackernews.com/2026/02/fortinet-patches-critical-sqli-flaw.html", "creation_timestamp": "2026-02-10T04:44:13.000000Z"}