CVE-2026-1281

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) CWE-94

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

CVSS Score

9.8

Critical

EPSS — Exploit Probability

82%

Riskier than 99% of all CVEs

Exploitation

Confirmed in the wild

Used in ransomware campaigns

Remediation

Patch available

Federal deadline 2026-02-01

CISA required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2026-02-01.

NVD entry Vendor patch PoC / advisory CISA KEV

1 article across 1 outlet · first covered May 8, 2026 · latest May 8, 2026

Coverage timeline

Ivanti patches EPMM zero day CVE-2026-6973 after targeted attacks
www.securityweek.com · May 8, 2026

Related CVEs — Ivanti

CVE-2026-6973KEV CVE-2026-1340KEV CVE-2023-46805KEV