Telekom Security

Mass exploitation of CVE-2026-1281 and CVE-2026-1340 in Ivanti EPMM
03 Mar 2026
In early 2026, two critical zero-day vulnerabilities in Ivanti’s mobile device management platform - CVE-2026-1281 and CVE-2026-1340 - emerged as significant drivers of incident activity across multiple sectors. Both flaws, rated CVSS 9.8 (critical), allow unauthenticated remote code execution, enabling attackers to compromise Ivanti Endpoint Manager Mobile (EPMM) appliances and potentially pivot into broader enterprise environments.

Continue Reading →

Mass exploitation of CVE-2026-1281 and CVE-2026-1340 in Ivanti EPMM