CVE-2026-39809

Name of the Vulnerable Software and Affected Versions FortiClientEMS versions 7.4.0 through 7.4.5 FortiClientEMS versions 7.2.0 through 7.2.12 FortiClientEMS version 7.0

Description Improper neutralization of special elements used in an SQL command, known as SQL injection, allows an attacker to execute unauthorized code or commands by sending crafted requests. This issue requires high privileges but can potentially lead to full system compromise.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.