Known Vulnerabilities for products from Ivanti
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ivanti".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-8111 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-8110 json | Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authen... | Not Provided | 2026-05-12 | 2026-05-12 |
| CVE-2026-8109 json | An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote aut... | Not Provided | 2026-05-12 | 2026-05-12 |
| CVE-2026-8051 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-8043 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-7821 json | Not Provided | 2026-05-07 | 2026-05-07 | |
| CVE-2026-7432 json | A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to S... | Not Provided | 2026-05-12 | 2026-05-12 |
| CVE-2026-7431 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-6973 json | An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authentica... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-5788 json | An Improper Access Control in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated ... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-5787 json | An Improper Certificate Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenti... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-5786 json | An Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote auth... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-1340 json | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution. | Not Provided | 2026-01-29 | 2026-04-09 |
| CVE-2024-21893 json | 8.2 - HIGH | 2024-01-31 | 2024-02-01 | |
| CVE-2024-21888 json | 8.8 - HIGH | 2024-01-31 | 2024-01-31 | |
| CVE-2024-21887 json | 9.1 - CRITICAL | 2024-01-12 | 2024-01-22 | |
| CVE-2023-46808 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.9 - CRITICAL | 2024-03-31 | 2024-04-01 |
| CVE-2023-41726 json | Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability | 7.8 - HIGH | 2023-11-03 | 2023-11-09 |
| CVE-2023-41725 json | Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability | 7.8 - HIGH | 2023-11-03 | 2023-11-09 |
| CVE-2023-41724 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2024-03-31 | 2024-04-01 |
Known software with vulnerabilities from Ivanti
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Ivanti | Avalanche | 4.6 |
| Application | Ivanti | Desktopampserver Management | 2019.1 |
| Application | Ivanti | Dsm Netinst | 5.1 |
| Application | Ivanti | Endpoint Manager | 2016.4 |
| Application | Ivanti | Landesk Management Suite | 10.0.1.168 |
| Application | Ivanti | Service Manager Heat Remote Control | 7.4 |
| Application | Ivanti | Workspace Control | 10.1.0.0 |