The Canadian Centre for Cyber Security issued an advisory regarding a critical API authentication and authorization bypass vulnerability (CVE-2026-35616) in Fortinet FortiClientEMS. Affecting versions 7.4.5 to 7.4.6, this flaw has been added to CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation and requiring immediate patching.