Threat Intelligence Report

Critical Vulnerabilities in Ivanti EPMM Exploited

📅 February 17, 2026 📰 unit42.paloaltonetworks.com 🔍 2 CVE(s) referenced

Threat actors are rapidly and widely exploiting two critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (CVE-2026-1281 and CVE-2026-1340) to gain unauthenticated remote code execution and persistent control over enterprise mobile device infrastructure, underscoring the urgent need for immediate patching and compromise assessment.

vendor

CVE-2026-1340, CVE-2026-1281

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle