CVE-2026-5787
Ivanti has released security updates for several high severity vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). CVE-2026-6973 is an Improper Input Validation vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1. Successful exploitation allows a remotely authenticated user with administrative access to achieve remote code execution. Currently, a limited number of exploitations has been observed. CVE-2026-5786 is an Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1. Successful exploitation could allow a remote authenticated attacker to gain administrative access. CVE-2026-5787 is an Improper Certificate Validation vulnerability affecting Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1. Successful exploitation could allow a remote unauthenticated attacker to impersonate registered Sentry hosts and obtain valid CA-signed client certificates. CVE-2026-7821 is an Improper Certificate Validation vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1. Successful exploitation allows a remote unauthenticated attacker to unroll a device belonging to a restricted set of unenrolled devices, leading to information disclosure about the EPMM appliance and impacting the integrity of the newly enrolled device’s identity. CVE-2026-5788 is an Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1. It allows a remote unauthenticated attacker to invoke arbitrary methods. Patch The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing. Monitor/Detect The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
EPSS 0.06% · 18.7th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ivanti | : Ivanti Endpoint Manager Mobile (EPMM) before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 |
Timeline
- May 7, 2026 CVE Published
- May 7, 2026 PoC Published
- May 7, 2026 PoC Published
- May 7, 2026 PoC Published
- May 7, 2026 PoC Published
- May 7, 2026 PoC Published
- May 7, 2026 PoC Published
- May 7, 2026 Security Advisory
- May 7, 2026 CVE Updated
- May 8, 2026 EPSS Score
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score