| Metric | Value |
|---|---|
| CVEs | 48 |
| Critical | 4 |
| High | 24 |
| KEV | 5 |
| PoC | 2 |
| Unpatched C/H | 27 |
| Patch Rate | 2.1% |
| Avg EPSS | 7.8% |

Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 4 |
| HIGH | 24 |
| MEDIUM | 20 |
| LOW | 0 |

Affected Products (22)

| Product | Count |
|---|---|
| Connect Secure | 31 |
| Endpoint Manager | 30 |
| Policy Secure | 30 |
| Zero Trust Access Gateway | 16 |
| Neurons for Secure Access | 15 |
| Avalanche | 6 |
| Stack Overflow | 5 |
| Endpoint Manager Mobile | 5 |
| Memory Corruption | 5 |
| Command Injection | 3 |
| Cloud Services Appliance | 3 |
| Workspace Control | 3 |
| Neurons for Zero Trust Access | 2 |
| JWT Attack | 1 |
| Neurons for ITSM | 1 |
| Deserialization | 1 |
| Virtual Application Delivery Controller | 1 |
| Security Controls | 1 |
| Application Control | 1 |
| Heap Overflow | 1 |
| Secure Access Client | 1 |
| PHP | 1 |

Top Risky CVEs

| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-4427 | An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, requires no authentication, and has low attack complexity. Actively exploited in the wild (CISA KEV) and public exploit code available. | MEDIUM | 5.3 | 91.6% | 188 | KEV, PoC, No patch |
| CVE-2026-1340 | Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that allows unauthenticated attackers to achieve remote code execution on the mobile device management server. Compromising the MDM server provides access to all managed mobile device configurations, policies, and potentially the ability to push malicious profiles to enrolled devices. | CRITICAL | 9.8 | 50.9% | 170 | KEV, PoC, No patch |
| CVE-2026-1281 | Ivanti Endpoint Manager Mobile (EPMM) contains a critical code injection vulnerability (CVE-2026-1281, CVSS 9.8) that allows unauthenticated remote attackers to execute arbitrary code. With EPSS 64.8% and KEV listing, this vulnerability in the mobile device management platform threatens the security of every managed mobile device in the organization, as EPMM has the ability to push configurations, certificates, and apps to enrolled devices. | CRITICAL | 9.8 | 64.8% | 164 | KEV |
| CVE-2026-1603 | Ivanti Endpoint Manager before 2024 SU5 contains an authentication bypass (CVE-2026-1603, CVSS 8.6) that allows unauthenticated remote attackers to leak stored credential data. KEV-listed with EPSS 43.9%, this vulnerability exposes credentials stored in the endpoint management platform, potentially including service accounts, deployment credentials, and other secrets used to manage the entire endpoint fleet. | HIGH | 8.6 | 43.9% | 137 | KEV, No patch |
| CVE-2025-4428 | Ivanti Endpoint Manager Mobile (EPMM) contains an authenticated code injection in the API component, allowing authenticated attackers to execute arbitrary code through crafted API requests. | HIGH | 7.2 | 45.3% | 131 | KEV, No patch |
| CVE-2025-6771 | OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before versions 12.5.0.2, 12.4.0.3 and 12.3.0.3 allows a remote authenticated attacker with high privileges to achieve remote code execution. | HIGH | 7.2 | 20.8% | 57 | No patch |
| CVE-2025-22462 | An authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024.3 with the May 2025 Security Patch allows a remote unauthenticated attacker to gain administrative. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | CRITICAL | 9.8 | 6.6% | 56 | No patch |
| CVE-2023-38036 | CVE-2023-38036 is a critical unauthenticated buffer overflow vulnerability in Ivanti Avalanche Manager prior to version 6.4.1 that allows remote attackers to cause denial of service or achieve arbitrary code execution without authentication. With a CVSS score of 9.8 and network-based attack vector, this vulnerability has significant real-world exploitability risk and affects all organizations deploying vulnerable Avalanche Manager instances. | CRITICAL | 9.8 | 2.2% | 51 | No patch |
| CVE-2025-6770 | OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2 allows a remote authenticated attacker with high privileges to achieve remote code execution. | HIGH | 7.2 | 12.0% | 48 | No patch |
| CVE-2025-8297 | Incomplete restriction of configuration in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available. | HIGH | 7.2 | 9.3% | 45 | No patch |
| CVE-2025-22455 | Cryptographic weakness in Ivanti Workspace Control prior to version 10.19.0.0 that uses a hardcoded encryption key to protect SQL database credentials stored locally. A local authenticated attacker with user-level privileges can exploit this to decrypt and extract stored SQL credentials without elevated permissions, potentially leading to lateral movement and data exfiltration. The CVSS 8.8 score reflects high severity due to confidentiality and integrity impacts across system boundaries, though exploitation requires local access and valid authentication. | HIGH | 8.8 | 0.3% | 44 | No patch |
| CVE-2025-5353 | Credential disclosure vulnerability in Ivanti Workspace Control versions before 10.19.10.0, where a hardcoded cryptographic key enables local authenticated attackers to decrypt stored SQL database credentials. This allows privilege escalation and lateral movement within enterprise environments. With a CVSS score of 8.8 and local attack vector requiring authentication, exploitation requires internal access but poses significant risk to SQL database security and overall system compromise. | HIGH | 8.8 | 0.3% | 44 | No patch |
| CVE-2025-6995 | A security vulnerability in the agent of Ivanti Endpoint Manager (CVSS 8.4) that allows a local authenticated attacker. High severity vulnerability requiring prompt remediation. | HIGH | 8.4 | 0.1% | 42 | No patch |
| CVE-2025-6996 | A security vulnerability in the agent of Ivanti Endpoint Manager (CVSS 8.4) that allows a local authenticated attacker. High severity vulnerability requiring prompt remediation. | HIGH | 8.4 | 0.1% | 42 | No patch |
| CVE-2025-8296 | SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrary SQL queries. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available. | HIGH | 7.2 | 5.3% | 41 | No patch |