CVE-2025-10986
Published 2025-10-14
Priority P3 · 34 · medium · 5.5 (CVSS 3.1)
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
EPSS: 0.56% (42.5th percentile)
Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | endpoint_manager_mobile | < 12.4.0.4 | 12.4.0.4 |
| ivanti | endpoint_manager_mobile | >= 12.5.0.0 < 12.5.0.4 | 12.5.0.4 |
| ivanti | endpoint_manager_mobile | >= 12.6.0.0 < 12.6.0.2 | 12.6.0.2 |
Ivanti
Ivanti Security Advisory: CVE-2025-10986
vendor_ivanti·2025-10-14·CVSS 4.7
Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk.
CVE IDs: CVE-2025-10986
CVSS Base Score: 4.7
Severity: MEDIUM
CWEs: CWE-22
GHSA
GHSA-vq75-ppw9-v9ch: Path traversal in the admin panel of Ivanti EPMM before version 12
ghsa_unreviewed·2025-10-14 [MEDIUM] CWE-22
Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk.
No detection rules found.
No public exploits indexed.
Wiz
CVE-2026-1281 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.2 [HIGH]
## CVE-2026-1281: Ivanti Endpoint Manager Mobile vulnerability analysis and mitigation
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
Source: NVD
Score: 9.8
Published: January 29, 2026
Severity: CRITICAL
CNA Score: 9.8
High-profile Vulnerability: Yes
Affected Technologies: Ivanti Endpoint Manager Mobile
Has Public Exploit: Yes
Has CISA KEV Exploit: Yes
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 98.7
Exploitation Probability (EPSS): 71.8
Affected packages and libraries: cpe:2.3:a:ivanti:endpoint_manager_mobile
Sources
Linux Severity CRITICAL Has Fix Added at: Jan 30, 2026
Linux Severity CRITICAL Has Fix Added at: Feb 02, 2026
Wiz
CVE-2026-1340 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.2 [HIGH]
## CVE-2026-1340: Ivanti Endpoint Manager Mobile vulnerability analysis and mitigation
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
Source: NVD
Score: 9.8
Published: January 29, 2026
Severity: CRITICAL
CNA Score: 9.8
High-profile Vulnerability: Yes
Affected Technologies: Ivanti Endpoint Manager Mobile
Has Public Exploit: Yes
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 98.6
Exploitation Probability (EPSS): 67.7
Affected packages and libraries: cpe:2.3:a:ivanti:endpoint_manager_mobile
Sources
Linux Severity CRITICAL Has Fix Added at: Feb 17, 2026