Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Ivanti security patch release for CVE-2026-1281

Security Patch Release
First reported
Last updated
Happening score
H score 59
3 unique sources, 3 articles

Summary

Hide ▲

Ivanti released security updates for Ivanti Endpoint Manager Mobile (EPMM) after disclosure of two critical zero-day flaws that can enable unauthenticated remote code execution. The patch set covers CVE-2026-1281 and CVE-2026-1340 on affected EPMM 12.5.0.0 and prior, 12.6.0.0 and prior, 12.7.0.0 and prior, with a permanent fix planned for 12.8.0.0. CISA also added CVE-2026-1281 to the KEV catalog, making timely remediation especially urgent.

Cases

Ivanti Endpoint Manager Mobile zero-day exploitation, European government breaches, and concentrated attack wave (5) Ivanti Endpoint Manager Mobile zero-day exploitation, European government breaches, and concentrated attack wave (5) Ivanti Endpoint Manager Mobile zero-day exploitation, European government breaches, and concentrated attack wave (5) Ivanti Endpoint Manager Mobile zero-day exploitation, European government breaches, and concentrated attack wave (5)

Related Happenings

Ghost CMS CVE-2026-26980 ClickFix campaign

Campaign
First: 24.05.2026 17:12 Last: 24.05.2026 17:12 Sources 1

About this happening: A **large-scale campaign** is exploiting **CVE-2026-26980** in **Ghost CMS** to plant malicious JavaScript and drive **ClickFix** lure pages, putting exposed sites and their visit...

Open Happening

Ivanti security patch release for CVE-2026-8043

Security Patch Release
First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Open Happening

CISA emergency patch deadline for Ivanti EPMM

Public Sector Action
First: 08.05.2026 15:16 Last: 08.05.2026 15:16 Sources 1

About this happening: CISA ordered **U.S. federal agencies** to patch **Ivanti EPMM** by **midnight Sunday, May 10** after adding **CVE-2026-6973** to its list of vulnerabilities exploited in attacks....

Open Happening

Ivanti EPMM patch release for CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821

Security Patch Release
First: 07.05.2026 18:20 Last: 07.05.2026 18:20 Sources 1

About this happening: Ivanti released a security update for on-prem Endpoint Manager Mobile (EPMM) covering CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821. The patch addresses high-seve...

Latest development: 07.05.2026 20:55

Ivanti released fixes for CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821 in Endpoint Manager Mobile (EPMM). The updates apply only to on-prem EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1, and Ivanti said the issues are not present in Ivanti Neurons for MDM, Ivanti EPM, Ivanti Sentry, or other Ivanti products.

Open Happening

CISA KEV action for CVE-2026-31431 and FCEB remediation

Public Sector Action
First: 03.05.2026 09:26 Last: 03.05.2026 09:26 Sources 1

About this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...

Open Happening

Timeline

  1. 13.02.2026 00:05 1 articles · 3mo ago

    Ivanti EPMM attacks hit European Commission and government agencies

    Campaign Scope Update

    Reported on Feb. 12, 2026, attacks tied to Ivanti Endpoint Manager Mobile (EPMM) had struck the European Commission and agencies of the Dutch and Finnish governments after Ivanti disclosed CVE-2026-1281 and CVE-2026-1340 on Jan. 29. The European Commission said its central infrastructure managing mobile devices was hit on Jan. 30, with staff names and mobile numbers compromised, while Valtori said an attack of the same nature affected around 50,000 people associated with Finland's central government and leaked names, email addresses, phone numbers, and other device details.

    Show sources
    Open in new tab
  2. 30.01.2026 06:43 2 articles · 3mo ago

    Ivanti releases EPMM fixes for two zero-day RCE flaws

    Mitigation Patch Update

    Ivanti released security updates for Ivanti Endpoint Manager Mobile (EPMM) after two critical code-injection flaws, CVE-2026-1281 and CVE-2026-1340, were exploited in zero-day attacks. The issues allow unauthenticated remote code execution in the In-House Application Distribution and Android File Transfer Configuration features, affect EPMM 12.5.0.0 and prior, 12.6.0.0 and prior, 12.7.0.0 and prior, and are fixed in RPM 12.x.0.x and RPM 12.x.1.x, with a permanent fix planned for EPMM 12.8.0.0 in Q1 2026.

    Show sources
    Open in new tab
  3. 30.01.2026 06:43 2 articles · 3mo ago

    CISA adds CVE-2026-1281 to the KEV catalog

    Legal Policy Action Update

    CISA added CVE-2026-1281 to the Known Exploited Vulnerabilities (KEV) catalog, and Federal Civilian Executive Branch (FCEB) agencies must apply the updates by February 1, 2026. The policy action raises remediation urgency for Ivanti Endpoint Manager Mobile (EPMM) deployments exposed to the actively exploited zero-day flaw.

    Show sources
    Open in new tab