๐ฅ This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2026-1340: Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Summary
Ivanti Endpoint Manager Mobile (EPMM) has a code injection vulnerability (a flaw that lets attackers insert malicious code) that allows attackers to run commands on the system without needing to log in first. This vulnerability is currently being exploited by real attackers in the wild.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Check for signs of potential compromise on all internet accessible Ivanti products affected by this vulnerability. Apply any final mitigations provided by the vendor as soon as possible. Security updates are available at https://support.mobileiron.com/mi/vsp/AB1786671/ivanti-security-update-1761642-1.1.0S-5.noarch.rpm and https://support.mobileiron.com/mi/vsp/AB1786671/ivanti-security-update-1761642-1.1.0L-5.noarch.rpm
Vulnerability Details
EPSS: 67.7%
Yes
๐ฅ Actively Exploited
April 7, 2026
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-1340
First tracked: April 8, 2026 at 02:00 PM
Classified by LLM (prompt v3) ยท confidence: 95%