Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability - CVE-2026-1281

Executive Summary

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.

CVSS Score: 9.0/10.0
Severity: CRITICAL

Affected Systems

• Ivanti Endpoint Manager Mobile (EPMM)

Detection & Mitigation

• Apply vendor patches as soon as available
• Monitor for indicators of compromise
• Review vendor advisories for specific guidance

References

• https://nvd.nist.gov/vuln/detail/CVE-2026-1281

• https://www.cisa.gov/known-exploited-vulnerabilities-catalog

• NVD Entry