Ivanti security advisory (AV26-068)

Serial number: AV26-068
Date: January 29, 2026

On January 29, 2026, Ivanti published a security advisory to address critical vulnerabilities in the following product:

• Ivanti Endpoint Manager Mobile – version 12.5.0.0 and prior, 12.6.0.0 and prior, 12.7.0.0 and prior, version 12.5.1.0 and prior and 12.6.1.0 and prior

Ivanti has stated that vulnerabilities CVE-2026-1281 & CVE-2026-1340 have been exploited in the wild.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340)
• Analysis Guidance Ivanti Endpoint Manager Mobile (EPMM) CVE-2026-1281 & CVE-2026-1340
• Ivanti Security Advisories