Active, unauthenticated RCE in Ivanti EPMM — interim RPMs stop attacks but 12.8.0.0 (Q1 2026) is the real fix
Two critical Ivanti EPMM zero-days (CVE-2026-1281 and CVE-2026-1340) are being exploited in the wild to achieve unauthenticated remote code execution. Interim RPM patches stop the immediate attacks, but they must be re-applied after upgrades; a permanent fix is scheduled for EPMM 12.8.0.0 in Q1 2026. Observed exploitation and its immediate effects Attackers are sending simple, […]
