CVE-2026-1340 — Ivanti Endpoint Manager Mobile (EPMM): Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
CVE-2026-1340 — Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
What This Means For You
- CISA has confirmed active exploitation — immediate patching required.
- Added to CISA KEV catalog — federal agencies must remediate by 2026-04-11.
Related ATT&CK Techniques
🛡️ Detection Rules
1 rule · 6 SIEM formats1 detection rule mapped to MITRE ATT&CK. Free Sigma YAML below.
Web Application Exploitation Attempt — CVE-2026-1340
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-1340 | Code Injection | Ivanti Endpoint Manager Mobile (EPMM) - unauthenticated remote code execution vulnerability |
| CVE-2026-1340 | RCE | Ivanti Endpoint Manager Mobile (EPMM) - unauthenticated remote code execution vulnerability |
Source & Attribution
| Source Platform | CISA |
| Channel | CISA KEV |
| Published | April 08, 2026 at 15:00 UTC |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Related coverage
Daily Security Digest — 2026-05-22
13 vulnerability disclosures (5 Critical, 8 High) and 14 curated intelligence stories from 6 sources.
WordPress Ditty Plugin: Authorization Bypass Exposes Non-Public Content
CVE-2026-9011 — The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and...
CVE-2026-8692 — The Vedrixa Forms – User Registration Form, Signup Form &
CVE-2026-8692 — The Vedrixa Forms – User Registration Form, Signup Form & Drag & Drop Form Builder plugin for WordPress is vulnerable to authorization bypass...