Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Ivanti security patch release for CVE-2025-13659

Security Patch Release
First reported
Last updated
Happening score
H score 30
2 unique sources, 2 articles

Summary

Hide ▲

Ivanti released security updates for Endpoint Manager to address three high-severity vulnerabilities, including two flaws that could enable unauthenticated code execution on unpatched systems. The bundle includes CVE-2025-13659 and CVE-2025-13662. Exploitation still requires user interaction and contact with an untrusted core server or untrusted configuration files.

Related Happenings

Drupal core security update for CVE-2026-9082

Security Patch Release
First: 22.05.2026 16:14 Last: 22.05.2026 16:14 Sources 1

About this happening: **Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...

Open Happening

Ivanti security patch release for CVE-2026-8043

Security Patch Release
First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Open Happening

CPanel security patch release for CVE-2026-29201

Security Patch Release
First: 09.05.2026 10:16 Last: 09.05.2026 10:16 Sources 1

About this happening: **cPanel** released updates for **cPanel and Web Host Manager (WHM)** to fix **three vulnerabilities** that could enable **privilege escalation**, **code execution**, or **denial-...

Open Happening

Microsoft April 2026 Patch Tuesday security update (165 CVEs)

Security Patch Release
First: 15.04.2026 00:22 Last: 15.04.2026 00:22 Sources 1

About this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...

Open Happening

Microsoft April 2026 Patch Tuesday security updates (167 flaws)

Security Patch Release
First: 14.04.2026 20:41 Last: 14.04.2026 20:41 Sources 1

About this happening: Microsoft's **April 2026 Patch Tuesday** ships **security updates** for **167 flaws**, including **2 zero-days**, reducing exposure across widely used Microsoft software. The rele...

Open Happening

Timeline

  1. 09.12.2025 19:10 2 articles · 5mo ago

    Ivanti releases Endpoint Manager fixes for critical flaws

    Mitigation Patch Update

    Ivanti warned customers to patch CVE-2025-10573 in Endpoint Manager (EPM) and released security updates for three high-severity vulnerabilities, including CVE-2025-13659 and CVE-2025-13662, which could allow unauthenticated attackers to execute arbitrary JavaScript or arbitrary code on unpatched systems when user interaction and untrusted inputs are involved. Ivanti said CVE-2025-10573 is a stored XSS flaw in versions prior to 2024 SU4 SR1, that the vulnerabilities were disclosed through its responsible disclosure program, and that it has not found evidence of exploitation in attacks. Shadowserver was tracking hundreds of Internet-facing Ivanti EPM instances, including systems in the United States, Germany, and Japan.

    Show sources
    Open in new tab