Find notable cyber news and cases, enriched with sources, timelines, and signals.

Ivanti security patch release for CVE-2026-1281

Security Patch Release
First reported
Last updated
Happening score
H score 46
3 unique sources, 3 articles

Summary

Hide ▲

Ivanti released security updates for Ivanti Endpoint Manager Mobile (EPMM) after disclosure of two critical zero-day flaws that can enable unauthenticated remote code execution. The patch set covers CVE-2026-1281 and CVE-2026-1340 on affected EPMM 12.5.0.0 and prior, 12.6.0.0 and prior, 12.7.0.0 and prior, with a permanent fix planned for 12.8.0.0. CISA also added CVE-2026-1281 to the KEV catalog, making timely remediation especially urgent.

Cases

Related Happenings

Kandji security patch release for CVE-2026-39118

Security Patch Release
H score17 First: 25.06.2026 14:00 Last: 25.06.2026 14:00 Sources 1

About this happening: Kandji fixed its **MDM agent** on **macOS** and assigned **CVE-2026-39118** after validation showed a trust issue that could let a standard user disable enterprise security contro...

CISA BOD 26-04 remediation requirements

Advisory/Mitigation
H score31 First: 11.06.2026 15:46 Last: 11.06.2026 15:46 Sources 1

About this happening: CISA’s **Binding Operational Directive 26-04** forces **FCEB agencies** to speed up remediation of high-risk vulnerabilities, with some deadlines as short as **3 days** and new **...

Ghost CMS CVE-2026-26980 ClickFix campaign

Campaign
H score42 First: 24.05.2026 17:12 Last: 24.05.2026 17:12 Sources 1

About this happening: A **large-scale campaign** is exploiting **CVE-2026-26980** in **Ghost CMS** to plant malicious JavaScript and drive **ClickFix** lure pages, putting exposed sites and their visit...

Ivanti security patch release for CVE-2026-8043

Security Patch Release
H score25 First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

CISA emergency patch deadline for Ivanti EPMM

Public Sector Action
H score40 First: 08.05.2026 15:16 Last: 08.05.2026 15:16 Sources 1

About this happening: CISA ordered **U.S. federal agencies** to patch **Ivanti EPMM** by **midnight Sunday, May 10** after adding **CVE-2026-6973** to its list of vulnerabilities exploited in attacks....

Timeline

  1. 13.02.2026 00:05 1 articles · 4mo ago

    Ivanti EPMM attacks hit European Commission and government agencies

    Campaign Scope Update

    Reported on Feb. 12, 2026, attacks tied to Ivanti Endpoint Manager Mobile (EPMM) had struck the European Commission and agencies of the Dutch and Finnish governments after Ivanti disclosed CVE-2026-1281 and CVE-2026-1340 on Jan. 29. The European Commission said its central infrastructure managing mobile devices was hit on Jan. 30, with staff names and mobile numbers compromised, while Valtori said an attack of the same nature affected around 50,000 people associated with Finland's central government and leaked names, email addresses, phone numbers, and other device details.

    Show sources
  2. 30.01.2026 06:43 2 articles · 5mo ago

    Ivanti releases EPMM fixes for two zero-day RCE flaws

    Mitigation Patch Update

    Ivanti released security updates for Ivanti Endpoint Manager Mobile (EPMM) after two critical code-injection flaws, CVE-2026-1281 and CVE-2026-1340, were exploited in zero-day attacks. The issues allow unauthenticated remote code execution in the In-House Application Distribution and Android File Transfer Configuration features, affect EPMM 12.5.0.0 and prior, 12.6.0.0 and prior, 12.7.0.0 and prior, and are fixed in RPM 12.x.0.x and RPM 12.x.1.x, with a permanent fix planned for EPMM 12.8.0.0 in Q1 2026.

    Show sources
  3. 30.01.2026 06:43 2 articles · 5mo ago

    CISA adds CVE-2026-1281 to the KEV catalog

    Legal Policy Action Update

    CISA added CVE-2026-1281 to the Known Exploited Vulnerabilities (KEV) catalog, and Federal Civilian Executive Branch (FCEB) agencies must apply the updates by February 1, 2026. The policy action raises remediation urgency for Ivanti Endpoint Manager Mobile (EPMM) deployments exposed to the actively exploited zero-day flaw.

    Show sources