A wave of cyberattacks exploiting two critical code-injection vulnerabilities in Ivanti Endpoint Manager Mobile (tracked as CVE-2026-1281 and CVE-2026-1340) has prompted emergency warnings from national security agencies worldwide. Ivanti released patches and urged customers to treat exposed systems as potentially compromised after confirmed and suspected breaches affected Dutch government bodies and mobile management infrastructure in the European Commission and healthcare networks. #IvantiEPMM #CVE2026-1281
Keypoints
- Two critical code-injection flaws in Ivanti EPMM (CVE-2026-1281, CVE-2026-1340) can allow takeover of managed mobile devices without credentials.
- Ivanti issued patches and advised customers to assume compromise and review logs for signs of exploitation.
- Confirmed or suspected intrusions include the Dutch Data Protection Authority, the Judicial Council, and the European Commissionβs mobile management infrastructure.
- CISA added one of the flaws to its Known Exploited Vulnerabilities Catalog, with alerts also issued by agencies in Canada, Singapore, and the UK.
- Edge device management platforms are high-value internet-facing targets and are rapidly weaponized after disclosure, with similar EPMM exploitation seen in 2023.
Read More: https://therecord.media/eu-dutch-government-announce-hacks-ivanti-zero-days