Browse all 363 CVE security advisories affecting Ivanti. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ivanti provides enterprise IT service management and endpoint management solutions, primarily facilitating workflow automation and device control for large organizations. The company’s software portfolio has historically been a significant target for attackers, resulting in a substantial record of 358 Common Vulnerabilities and Exposures. These security flaws frequently involve critical classes such as remote code execution, cross-site scripting, and privilege escalation, often stemming from complex integrations within its service management platforms. A notable incident occurred in 2021 when the SambaCry vulnerability allowed unauthenticated remote code execution, compromising thousands of systems globally. This event underscored the risks associated with legacy codebases and insufficient patch management cycles. Consequently, Ivanti has faced intense scrutiny regarding its development practices and incident response capabilities, prompting industry-wide recommendations for immediate isolation and rigorous vulnerability scanning of affected endpoints to mitigate potential data breaches and operational disruptions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-5787 | Ivanti EPMM 信任管理问题漏洞 — Endpoint Manager MobileCWE-295 | 8.9 | High | 2026-05-07 |
| CVE-2026-5788 | Ivanti EPMM 访问控制错误漏洞 — Endpoint Manager MobileCWE-284 | 7.0 | High | 2026-05-07 |
| CVE-2026-7821 | Ivanti EPMM 信任管理问题漏洞 — Endpoint Manager MobileCWE-295 | 7.4 | High | 2026-05-07 |
| CVE-2026-6973 | Ivanti EPMM 输入验证错误漏洞 — Endpoint Manager MobileCWE-20 | 7.2 | High | 2026-05-07 |
| CVE-2026-5786 | Ivanti EPMM 访问控制错误漏洞 — Endpoint Manager MobileCWE-284 | 8.8 | High | 2026-05-07 |
| CVE-2026-1340 | Ivanti Endpoint Manager Mobile 代码注入漏洞 — Endpoint Manager MobileCWE-94 | 9.8 | Critical | 2026-01-29 |
| CVE-2026-1281 | Ivanti Endpoint Manager Mobile 代码注入漏洞 — Endpoint Manager MobileCWE-94 | 9.8 | Critical | 2026-01-29 |
| CVE-2025-10986 | Ivanti EPMM 路径遍历漏洞 — Endpoint Manager MobileCWE-22 | 4.7 | Medium | 2025-10-14 |
| CVE-2025-10985 | Ivanti EPMM 操作系统命令注入漏洞 — Endpoint Manager MobileCWE-78 | 7.2 | High | 2025-10-14 |
| CVE-2025-10243 | Ivanti EPMM 操作系统命令注入漏洞 — Endpoint Manager MobileCWE-78 | 7.2 | High | 2025-10-14 |
| CVE-2025-10242 | Ivanti EPMM 操作系统命令注入漏洞 — Endpoint Manager MobileCWE-78 | 7.2 | High | 2025-10-14 |
| CVE-2025-6771 | OS command injection in Ivanti Endpoint Manager — Endpoint Manager MobileCWE-78 | 7.2 | High | 2025-07-08 |
| CVE-2025-6770 | OS command injection in Ivanti Endpoint Manager — Endpoint Manager MobileCWE-78 | 7.2 | High | 2025-07-08 |
| CVE-2025-4428 | Remote Code Execution — Endpoint Manager MobileCWE-94 | 7.2 | High | 2025-05-13 |
| CVE-2025-4427 | Authentication Bypass — Endpoint Manager MobileCWE-288 | 5.3 | Medium | 2025-05-13 |
| CVE-2024-7612 | Ivanti Endpoint Manager Mobile 安全漏洞 — Endpoint Manager MobileCWE-732 | 8.8 | High | 2024-10-08 |
| CVE-2023-35078 | Ivanti Endpoint Manager Mobile 授权问题漏洞 — Endpoint Manager Mobile | 9.8 | - | 2023-07-25 |
This page lists every published CVE security advisory associated with Ivanti. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.