← All advisories

Critical severity9.8CISA KEVNVD Advisory· Published Jan 29, 2026· Updated Apr 9, 2026

CVE-2026-1340

CVE-2026-1340

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Ivanti/Endpoint Manager Mobile2 versions
cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:*range: <=12.7.0.0
- (no CPE)

Patches

Vulnerability mechanics

References

2

forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340nvdVendor Advisory
www.cisa.gov/known-exploited-vulnerabilities-catalognvdThird Party AdvisoryUS Government Resource

News mentions

8

Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Dark Reading · Jun 11, 2026
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
BleepingComputer · May 8, 2026
Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)
Help Net Security · May 8, 2026
Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks
SecurityWeek · May 8, 2026
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
The Hacker News · May 7, 2026
Ivanti warns of new EPMM flaw exploited in zero-day attacks
BleepingComputer · May 7, 2026
13th April – Threat Intelligence Report
Check Point Research · Apr 13, 2026
Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340)
watchTowr Labs · Jan 30, 2026