CVE-2026-1281 - Geek Feed

One threat actor responsible for 83% of recent Ivanti RCE attacks

February 20, 2026February 20, 2026 geekfeed0Tagged Actively Exploited, CVE-2026-1281, CVE-2026-1340, Ivanti, Ivanti Endpoint Manager Mobile, rce, Remote Code Execution, vulnerability

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340. The security issues have been flagged as actively exploited in zero-day attacks in Ivanti’s security advisory, where the company also announced hotfixes. Both flaws received a critical severity rating and […]

3 mins read

Ivanti warns of two EPMM flaws exploited in zero-day attacks

February 2, 2026February 2, 2026 geekfeed0Tagged 0day, Actively Exploited, CVE-2026-1281, CVE-2026-1340, Ivanti, Ivanti Endpoint Manager Mobile, Zero-Day

Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks. The flaws are code-injection vulnerabilities that allow remote attackers to execute arbitrary code on vulnerable devices without authentication. Both vulnerabilities have a CVSS score of 9.8 and are rated as critical. “We are aware […]

5 mins read