CVE-2026-1281 — Vulnetix

CVE-2026-1281 PUBLISHED KEV CVSS 9.800000190734863 CRITICAL

30. Januar 2026 Ivanti hat ein Security Advisory bezüglich kritischer Schwachstellen im Endpoint Manager Mobile veröffentlicht. Diese Sicherheitslücken werden bereits aktiv ausgenutzt. CVE-Nummer(n): CVE-2026-1281, CVE-2026-1340 CVSS Base Score: 9.8

EPSS 81.59% · 99.2th percentile

Risk Scores

CVSS 3.1

9.800000190734863

EPSS Score

81.59%

99.2th percentile

Affected Products

Vendor	Product	Versions
Ivanti	Ivanti EPMM 12.5.0.0, 12.6.0.0, 12.7.0.0 sowie 12.5.1.0 und 12.6.1.0 und jeweils ältere Versionen

Exploit Intelligence

(enisa-kev)
CIRCL seen: CVE-2026-1281 (circl-sighting)
CIRCL exploited: CVE-2026-1281 (circl-sighting)
CIRCL exploited: CVE-2026-1281 (circl-sighting)
CIRCL exploited: CVE-2026-1281 (circl-sighting)
CIRCL exploited: CVE-2026-1281 (circl-sighting)
CIRCL exploited: CVE-2026-1281 (circl-sighting)
CIRCL seen: CVE-2026-1281 (circl-sighting)
CIRCL exploited: CVE-2026-1281 (circl-sighting)
CIRCL exploited: CVE-2026-1281 (circl-sighting)

…and 369 more exploits

Timeline

Jun 8, 2025 CrowdSec Sighting
Jan 29, 2026 CISA KEV Added
Jan 29, 2026 PoC Published
Jan 29, 2026 CVE Published
Jan 29, 2026 PoC Published
Jan 29, 2026 PoC Published
Jan 29, 2026 PoC Published
Jan 29, 2026 PoC Published
Jan 29, 2026 PoC Published
Jan 29, 2026 PoC Published
Jan 30, 2026 PoC Published
Jan 30, 2026 EPSS Score

References

https://www.cert.at/de/warnungen/2026/1/kritische-schwachstellen-in-ivanti-endpoint-manager-mobile-updates-empfohlen advisory

Open in Interactive Console →