Critical Ivanti EPMM Vulnerabilities Expose Systems to Arbitrary Code Execution Attacks
In February 2026, threat actors actively exploited two critical remote code execution (RCE) vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). A recen...
Ivanti
4 articles
ZDI-26-080: Ivanti Endpoint Manager AuthHelper Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Endpoint Manager. Authentication is not required to e...
ZDI-26-079: Ivanti Endpoint Manager ROI SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to expl...
European Governments Breached in Zero-Day Attacks Targeting Ivanti
The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches