CVE-2026-1340 — Ivanti Endpoint Manager Mobile (EPMM): Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
CVE-2026-1340 — Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
What This Means For You
- CISA has confirmed active exploitation — immediate patching required.
- Added to CISA KEV catalog — federal agencies must remediate by 2026-04-11.
Related ATT&CK Techniques
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-1340 | Code Injection | Ivanti Endpoint Manager Mobile (EPMM) - unauthenticated remote code execution vulnerability |
| CVE-2026-1340 | RCE | Ivanti Endpoint Manager Mobile (EPMM) - unauthenticated remote code execution vulnerability |
🛠 Recommended Tools
🛡️
Want the IOCs from this threat?
Get structured IOC exports and weekly threat briefs — delivered instantly to your Telegram.
Get My Intel →
Source & Attribution
| Source Platform | CISA |
| Channel | CISA KEV |
| Channel ID | cisa-kev |
| Message ID | 20261340 |
| Published | April 08, 2026 at 15:00 UTC |
| Original Link | https://hub.ivanti.com/s/article/Security-Advisory-Ivanti... |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Found this interesting? Follow us to stay ahead.
Share