Unrated severityCISA KEVNVD Advisory· Published Jan 29, 2026· Updated Feb 26, 2026
CVE-2026-1281
CVE-2026-1281
Description
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 12.x.1.x RPM
Patches
Vulnerability mechanics
References
1News mentions
6- CISA gives feds four days to patch Ivanti flaw exploited as zero-dayBleepingComputer · May 8, 2026
- Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)Help Net Security · May 8, 2026
- Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksSecurityWeek · May 8, 2026
- Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level AccessThe Hacker News · May 7, 2026
- Ivanti warns of new EPMM flaw exploited in zero-day attacksBleepingComputer · May 7, 2026
- Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340)watchTowr Labs · Jan 30, 2026