CVSS: 8.6 • EPSS: 55% • CPEs: 1 • EXPL: 0 • CVE-2026-1603 – Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2026-1603
10 Feb 2026 — An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data. This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Endpoint Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AuthHelper class. The issue results from using an alternative, weak authentication path. An attacker can leverage this vulnerability t... • https://hub.ivanti.com/s/article/Security-Advisory-EPM-February-2026-for-EPM-2024?language=en_US • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 7.2 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-1602 – Ivanti Endpoint Manager ROI SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2026-1602
10 Feb 2026 — SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the ROI class. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can l... • https://hub.ivanti.com/s/article/Security-Advisory-EPM-February-2026-for-EPM-2024?language=en_US • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0 • EPSS: 79% • CPEs: 2 • EXPL: 1 • CVE-2026-1281 – Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
https://notcve.org/view.php?id=CVE-2026-1281
29 Jan 2026 — A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution. Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution. • https://packetstorm.news/files/id/215279 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2025-13662 – Ivanti Endpoint Manager HIIDriver Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-13662
09 Dec 2025 — Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Alternatively, no ... • https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.1 • EPSS: 2% • CPEs: 1 • EXPL: 0 • CVE-2025-13661 – Ivanti Endpoint Manager CAB File Parsing Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-13661
09 Dec 2025 — Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the parsing of CAB files. The issue results from the lack of proper validation of a user-supplied ... • https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0 • EPSS: 1% • CPEs: 1 • EXPL: 0 • CVE-2025-13659
https://notcve.org/view.php?id=CVE-2025-13659
09 Dec 2025 — Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024 • CWE-913: Improper Control of Dynamically-Managed Code Resources •
CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2025-10573
https://notcve.org/view.php?id=CVE-2025-10573
09 Dec 2025 — Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the context of an administrator session. User interaction is required. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2025-10986
https://notcve.org/view.php?id=CVE-2025-10986
14 Oct 2025 — Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk. • https://forums.ivanti.com/s/article/Security-Advisory-Endpoint-Manager-Mobile-EPMM-10-2025-Multiple-CVEs?language=en_US • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.2 • EPSS: 4% • CPEs: 3 • EXPL: 0 • CVE-2025-10985
https://notcve.org/view.php?id=CVE-2025-10985
14 Oct 2025 — OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. • https://forums.ivanti.com/s/article/Security-Advisory-Endpoint-Manager-Mobile-EPMM-10-2025-Multiple-CVEs?language=en_US • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2 • EPSS: 4% • CPEs: 3 • EXPL: 0 • CVE-2025-10243
https://notcve.org/view.php?id=CVE-2025-10243
14 Oct 2025 — OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. • https://forums.ivanti.com/s/article/Security-Advisory-Endpoint-Manager-Mobile-EPMM-10-2025-Multiple-CVEs?language=en_US • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
