ivanti

496 tracked vulnerabilities.

CVE-2026-8992 HIGH
Ivanti Secure Access Client - Improper Certificate Validation
May 22, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8111 HIGH
Ivanti Endpoint Manager - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
May 12, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8110 HIGH
Ivanti Endpoint Manager < 2024 SU6 - Authenticated Privilege Escalation via Incorrect Agent Permissions
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-8109 MEDIUM
Ivanti Endpoint Manager < 2024 SU6 - Authenticated Credential Leak via Exposed Core Server Method
May 12, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8051 HIGH
Ivanti Virtual Traffic Manager - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
May 12, 2026
CVSS 7.2
EPSS 0.01
CVE-2026-8043 CRITICAL
Ivanti Xtraction < 2026.2 - Authenticated Path Traversal and Arbitrary File Write
May 12, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-7432 HIGH
Ivanti Secure Access Client - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-7431 MEDIUM
Ivanti Secure Access Client - Incorrect Permission Assignment for Critical Resource
May 12, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-7821 HIGH
Ivanti Endpoint Manager Mobile < 12.6.1.1, < 12.7.0.1, < 12.8.0.1 - Unauthenticated Improper Certificate Validation
May 07, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-6973 HIGH KEV
Ivanti Endpoint Manager Mobile < 12.6.1.1, < 12.7.0.1, < 12.8.0.1 - Authenticated Remote Code Execution
May 07, 2026
CVSS 7.2
EPSS 0.05
CVE-2026-5788 HIGH
Ivanti Endpoint Manager Mobile < 12.6.1.1, < 12.7.0.1, < 12.8.0.1 - Unauthenticated Arbitrary Method Invocation
May 07, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-5787 HIGH
Ivanti Endpoint Manager Mobile < 12.6.1.1, 12.7.0.1, 12.8.0.1 - Unauthenticated Certificate Spoofing
May 07, 2026
CVSS 8.9
EPSS 0.00
CVE-2026-5786 HIGH
Ivanti Endpoint Manager Mobile < 12.6.1.1, < 12.7.0.1, < 12.8.0.1 - Authenticated Privilege Escalation
May 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-4914 MEDIUM
Ivanti Neurons for ITSM < 2025.4 - Authenticated Stored Cross-Site Scripting
Apr 14, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-4913 MEDIUM
Ivanti N-ITSM <2025.4 - Auth Bypass
Apr 14, 2026
CVSS 5.7
EPSS 0.00
CVE-2026-3483 HIGH
Ivanti DSM <2026.1.1 - Privilege Escalation
Mar 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-1603 HIGH KEVNUCLEI
Ivanti Endpoint Manager < 2024 SU5 - Unauthenticated Credential Data Leak
Feb 10, 2026
CVSS 8.6
EPSS 0.56
CVE-2026-1602 MEDIUM
Ivanti Endpoint Manager < 2024 SU5 - Authenticated SQL Injection
Feb 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-1340 CRITICAL KEV
Ivanti Endpoint Manager Mobile - Code Injection
Jan 29, 2026
CVSS 9.8
EPSS 0.66
CVE-2026-1281 CRITICAL KEV
Ivanti Endpoint Manager Mobile (EPMM) unauthenticated RCE
Jan 29, 2026
CVSS 9.8
EPSS 0.79
CVE-2025-13662 HIGH
Ivanti Endpoint Manager < 2024 SU4 SR1 - Remote Code Execution via Signature Bypass
Dec 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-13661 HIGH
Ivanti Endpoint Manager < 2024 SU4 SR1 - Authenticated Path Traversal and Arbitrary File Write
Dec 09, 2025
CVSS 7.1
EPSS 0.01
CVE-2025-13659 HIGH
Ivanti Endpoint Manager < 2024 SU4 SR1 - Unauthenticated Arbitrary File Write and Remote Code Execution
Dec 09, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-10573 CRITICAL
Ivanti Endpoint Manager < 2024 SU4 SR1 - Unauthenticated Stored Cross-Site Scripting
Dec 09, 2025
CVSS 9.6
EPSS 0.00
CVE-2025-10918 HIGH
Ivanti Endpoint Manager < 2024 SU4 - Authenticated Arbitrary File Write via Insecure Default Permissions
Nov 11, 2025
CVSS 7.1
EPSS 0.00
Products
connect_secure 130 avalanche 117 endpoint_manager 116 policy_secure 77 endpoint_manager_mobile 28 workspace_control 22 secure_access_client 20 zero_trust_access_gateway 17 neurons_for_secure_access 15 cloud_services_appliance 7 Endpoint Manager Mobile 6 desktop_\&_server_management 6 landesk_management_suite 6 neurons_for_itsm 6 endpoint_manager_cloud_services_appliance 5 neurons_for_zero-trust_access 5 Endpoint Manager 3 Secure Access Client 3 incapptic_connect 3 security_controls 3 Connect Secure 2 Neurons for ITSM (Cloud) 2 Neurons for ITSM (On-Premise) 2 application_control 2 automation 2 mobileiron 2 standalone_sentry 2 virtual_traffic_manager 2 LANDesk Management Suite 1 Policy Secure 1
Quick Filters
Critical CVEs With Exploits In CISA KEV