CVE-2026-1281 & CVE-2026-1340: A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
Zero-Day: Yes
CVSS: Both 9.8
CVE Published: January 29th, 2026
KEV Catalog: January 29th, 2026
Affected Vendor: Ivanti
Vulnerability Type: Remote Code Execution (RCE)
Advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
CVE-2026-1281 & CVE-2026-1340: A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution
Related
Latest
