Home Ivanti CVE-2026-1281
CRITICAL: THIS VULNERABILITY IS ACTIVELY BEING EXPLOITED IN THE WILD (CISA KEV CATALOG)
Back to Ivanti

CVE-2026-1281

Exploited

Ivanti Endpoint Manager Mobile - EPMM

Ivanti CVSS 9.8 Updated March 16, 2026

Executive Risk Summary

"A code injection vulnerability in Ivanti Endpoint Manager Mobile allows attackers to achieve unauthenticated remote code execution, potentially leading to a full system compromise. This vulnerability poses a significant risk to organizations using the affected product, as it can be exploited without any authentication or user interaction."

Operational Audit Arsenal

Target Type Software Component
Target Asset Ivanti Endpoint Manager Mobile
Standard Path Global Management Plane

Manual Verification Required

This is a non-Windows asset (Ivanti). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.

Patch Impact Forecast

Reboot Required Likely

Moderate to High

Internal Work Notes

CVE-2026-1281: Unauthenticated RCE vulnerability in Ivanti Endpoint Manager Mobile - EPMM. Apply vendor patch and verify version to mitigate risk.

Technical Intelligence & Operational Utilities • Delivered Weekly

Intelligence Sources

Official Advisoryhttps://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340
Official Advisoryhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1281

Related Ivanti Threats

CVE-2024-11639 CVSS 10

Ivanti Cloud Services Application - Admin Web Console
CVE-2025-22467 CVSS 9.9

Ivanti Connect Secure - Connect Secure
CVE-2023-46808 CVSS 9.9

Ivanti Neurons for ITSM - File Upload Component
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.