CISA Warns of Critical Ivanti EPMM Code Injection Vulnerability Exploited in Attacks

Thu Apr 09 2026

Government

Mobile

Patch Management

Vulnerability

cybersecuritynews.com

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added this flaw, tracked as CVE-2026-1340, to its Known Exploited Vulnerabilities (KEV) catalog after confirming it is being actively exploited in real-world cyberattacks. This means the software fails to […] The post CISA Warns of Critical Ivanti EPMM Code Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.