Ivanti

476 tracked vulnerabilities.

CVE-2026-1603 HIGHNUCLEI
Ivanti Endpoint Manager < 2024 - Authentication Bypass
Feb 10, 2026
CVSS 8.6
EPSS 0.12
CVE-2026-1602 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Feb 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-1340 CRITICAL
Ivanti Endpoint Manager Mobile - Code Injection
Jan 29, 2026
CVSS 9.8
EPSS 0.51
CVE-2026-1281 CRITICALKEV
Ivanti Endpoint Manager Mobile (EPMM) unauthenticated RCE
Jan 29, 2026
CVSS 9.8
EPSS 0.65
CVE-2025-13662 HIGH
Ivanti Endpoint Manager < 2024 - Signature Verification Bypass
Dec 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-13661 HIGH
Ivanti Endpoint Manager < 2024 - Path Traversal
Dec 09, 2025
CVSS 7.1
EPSS 0.02
CVE-2025-13659 HIGH
Ivanti Endpoint Manager < 2024 - Remote Code Execution
Dec 09, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-10573 CRITICAL
Ivanti Endpoint Manager < 2024 - XSS
Dec 09, 2025
CVSS 9.6
EPSS 0.00
CVE-2025-10918 HIGH
Ivanti Endpoint Manager < 2024 - Incorrect Default Permissions
Nov 11, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-10986 MEDIUM
Ivanti EPMM <12.6.0.2-12.4.0.4 - Path Traversal
Oct 14, 2025
CVSS 4.7
EPSS 0.01
CVE-2025-10985 HIGH
Ivanti EPMM <12.6.0.2-12.4.0.4 - Command Injection
Oct 14, 2025
CVSS 7.2
EPSS 0.04
CVE-2025-10243 HIGH
Ivanti Endpoint Manager Mobile < 12.4.0.4 - OS Command Injection
Oct 14, 2025
CVSS 7.2
EPSS 0.04
CVE-2025-10242 HIGH
Ivanti Endpoint Manager Mobile < 12.4.0.4 - OS Command Injection
Oct 14, 2025
CVSS 7.2
EPSS 0.03
CVE-2025-62392 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62391 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62390 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62389 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62388 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62387 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62386 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62385 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62384 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62383 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-11623 MEDIUM
Ivanti Endpoint Manager < 2024 - SQL Injection
Oct 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-9713 HIGH
Ivanti Endpoint Manager <2024 SU4 - Path Traversal
Oct 13, 2025
CVSS 8.8
EPSS 0.02
Products
connect_secure 130 avalanche 117 endpoint_manager 113 policy_secure 77 endpoint_manager_mobile 23 workspace_control 22 secure_access_client 18 zero_trust_access_gateway 17 neurons_for_secure_access 15 cloud_services_appliance 7 neurons_for_itsm 6 landesk_management_suite 6 neurons_for_zero-trust_access 5 endpoint_manager_cloud_services_appliance 5 desktop_\&_server_management 5 incapptic_connect 3 security_controls 3 standalone_sentry 2 automation 2 mobileiron 2 application_control 2 docs\@work 1 pulse_secure_desktop_client 1 pulse_secure_installer_service 1 service_manager 1 service_manager_heat_remote_control 1 velocity_license_server 1 virtual_application_delivery_controller 1 virtual_traffic_management 1 desktop\&server_management 1
Quick Filters
Critical CVEs With Exploits In CISA KEV