fromTheregister
3 days agoIvanti's January bad luck continues as 0-days hit customers
Tracked as CVE-2026-1281 and CVE-2026-1340, both bugs affect Ivanti Endpoint Manager Mobile (EPMM). They're also both rated a near-maximum CVSS score of 9.8 and allow for unauthenticated remote code execution (RCE) - about as bad as it gets. The security shop said in its advisory: "We are aware of a very limited number of customers whose solution has been exploited at the time of disclosure.
Information security