A critical vulnerability in Fortinet's FortiClient EMS, tracked as CVE-2026-35616, has been found to be actively exploited in the wild, prompting the company to release emergency patches. The flaw, which carries a CVSS score of 9.1, is an improper access control issue that enables attackers to bypass authentication and escalate privileges through an API, posing a significant risk to affected systems1. The vulnerability, classified as CWE-284, allows unauthenticated attackers to gain unauthorized access, making it a high-severity threat. Fortinet's out-of-band patches aim to mitigate the issue, but the active exploitation of the flaw underscores the need for prompt action. The exploitation status of CVE-2026-35616 will determine whether this is a patch-now or monitor situation, making it crucial for practitioners to stay informed about the latest developments. This vulnerability matters to security professionals because it highlights the importance of timely patching to prevent potential breaches.