Critical severity9.8CISA KEVNVD Advisory· Published Jan 29, 2026· Updated Apr 9, 2026
CVE-2026-1340
CVE-2026-1340
Description
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
Affected products
1- cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:*Range: <=12.7.0.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340nvdVendor Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.