PatchSiren

Ivanti CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Known exploited Ivanti CVE published 2026-05-07

CVE-2026-6973

CVE-2026-6973 is an Ivanti Endpoint Manager Mobile (EPMM) vulnerability described as improper input validation. CISA added it to the Known Exploited Vulnerabilities catalog on 2026-05-07, which means it is treated as a known-exploited issue and should be addressed urgently. The supplied corpus does not include deeper technical detail or a CVSS score, so defensive response should focus on confirming exposu [truncated]

Known exploited Ivanti CVE published 2026-04-08

CVE-2026-1340

CVE-2026-1340 is a code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that CISA added to the Known Exploited Vulnerabilities catalog on 2026-04-08. The supplied CISA guidance emphasizes assessing exposure, checking internet-accessible affected products for signs of compromise, and applying vendor mitigations as soon as possible. If mitigations are unavailable, CISA advises discontinuing [truncated]

Known exploited Ivanti CVE published 2026-03-09

CVE-2026-1603

CVE-2026-1603 is a known-exploited authentication bypass vulnerability in Ivanti Endpoint Manager (EPM). CISA added it to the Known Exploited Vulnerabilities catalog on 2026-03-09 and set a remediation due date of 2026-03-23, so affected organizations should treat mitigation as urgent.

Known exploited Ivanti CVE published 2026-01-29

CVE-2026-1281

CVE-2026-1281 is an Ivanti Endpoint Manager Mobile (EPMM) code injection vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2026-01-29. The supplied authoritative material does not provide root-cause, precondition, or impact specifics beyond the code-injection classification. Because it is KEV-listed, defenders should treat it as urgent, verify exposure, apply vendor mitigatio [truncated]

Known exploited Ivanti CVE published 2025-05-19

CVE-2025-4428

CVE-2025-4428 is a code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM). CISA added it to the Known Exploited Vulnerabilities catalog on 2025-05-19 and set a remediation due date of 2025-06-09, so organizations using EPMM should treat it as a high-priority exposure and apply vendor mitigations or discontinue use if mitigations are unavailable.

Known exploited Ivanti CVE published 2025-05-19

CVE-2025-4427

CVE-2025-4427 is an authentication bypass vulnerability in Ivanti Endpoint Manager Mobile (EPMM). CISA added it to the Known Exploited Vulnerabilities (KEV) catalog on 2025-05-19, indicating it is treated as a vulnerability with known exploitation risk. The KEV entry directs defenders to apply vendor mitigations, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if [truncated]

Known exploited Ivanti CVE published 2025-04-04

CVE-2025-22457

CVE-2025-22457 affects Ivanti Connect Secure, Policy Secure, and ZTA Gateways and is described as a stack-based buffer overflow vulnerability. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-04-04, which indicates confirmed real-world exploitation. CISA also marks the issue as having known ransomware campaign use, so exposed Ivanti gateway deployments should be treated as urgent remed [truncated]

Known exploited Ivanti CVE published 2025-03-10

CVE-2024-13161

CVE-2024-13161 is an absolute path traversal vulnerability affecting Ivanti Endpoint Manager (EPM). CISA added the issue to its Known Exploited Vulnerabilities catalog on 2025-03-10, which makes this a priority item for exposed Ivanti EPM environments.

Known exploited Ivanti CVE published 2025-03-10

CVE-2024-13160

CVE-2024-13160 is a vendor-identified absolute path traversal issue in Ivanti Endpoint Manager (EPM) that CISA added to the Known Exploited Vulnerabilities catalog on 2025-03-10. Because CISA classifies it as known exploited, this should be treated as an urgent remediation item. The supplied corpus directs defenders to apply vendor mitigations per Ivanti's instructions, and to discontinue use of the produ [truncated]

Known exploited Ivanti CVE published 2025-03-10

CVE-2024-13159

CVE-2024-13159 is an Ivanti Endpoint Manager (EPM) absolute path traversal vulnerability. CISA added the issue to its Known Exploited Vulnerabilities (KEV) catalog on 2025-03-10, which means defenders should treat it as a high-priority remediation item. The public sources provided here do not include a CVSS score, and the most actionable guidance is to follow vendor mitigation instructions and, where appl [truncated]

Known exploited Ivanti CVE published 2025-01-08

CVE-2025-0282

CVE-2025-0282 is a publicly listed Ivanti vulnerability affecting Connect Secure, Policy Secure, and ZTA Gateways. The supplied corpus identifies it as a stack-based buffer overflow and shows that CISA added it to the Known Exploited Vulnerabilities catalog on 2025-01-08, with a remediation due date of 2025-01-15. Because it is in KEV and marked as known ransomware campaign use, defenders should treat it [truncated]

Known exploited Ivanti CVE published 2024-10-09

CVE-2024-9380

CVE-2024-9380 affects Ivanti Cloud Services Appliance (CSA) and is described as an OS command injection vulnerability. CISA added it to the Known Exploited Vulnerabilities catalog on 2024-10-09, so defenders should treat it as a known-exploited issue and prioritize remediation. CISA’s KEV entry also says CSA 4.6.x has reached end-of-life status and should be removed from service or upgraded to the 5.0.x l [truncated]

Known exploited Ivanti CVE published 2024-10-09

CVE-2024-9379

CVE-2024-9379 affects Ivanti Cloud Services Appliance (CSA) and is listed by CISA as a known exploited vulnerability. CISA added it to the KEV catalog on 2024-10-09 and set a remediation due date of 2024-10-30. For CSA 4.6.x, CISA's required action is to remove it from service or upgrade to the 5.0.x line or later.

Known exploited Ivanti CVE published 2024-10-02

CVE-2024-29824

CVE-2024-29824 affects Ivanti Endpoint Manager (EPM) and is listed by CISA in the Known Exploited Vulnerabilities catalog, which means CISA has assessed it as actively exploited. The supplied source data does not include a CVSS score or detailed technical impact, but it does provide a clear defensive directive: apply vendor mitigations or discontinue use of the product if mitigations are unavailable. Beca [truncated]

Known exploited Ivanti CVE published 2024-09-24

CVE-2024-7593

CVE-2024-7593 is an Ivanti Virtual Traffic Manager authentication bypass issue that CISA added to the Known Exploited Vulnerabilities catalog on 2024-09-24. Because it is KEV-listed, organizations should treat it as a high-priority remediation item and follow Ivanti’s mitigation guidance immediately. If mitigations are not available or cannot be applied promptly, CISA’s guidance is to discontinue use of the product.

Known exploited Ivanti CVE published 2024-09-19

CVE-2024-8963

CVE-2024-8963 is a path traversal vulnerability affecting Ivanti Cloud Services Appliance (CSA). CISA added the issue to its Known Exploited Vulnerabilities catalog on 2024-09-19, which means defenders should prioritize it for remediation. CISA’s guidance notes that Ivanti CSA 4.6.x has reached end-of-life status and should be removed from service or upgraded to the supported 5.0.x line.

Known exploited Ivanti CVE published 2024-09-13

CVE-2024-8190

CVE-2024-8190 is an Ivanti Cloud Services Appliance (CSA) OS command injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2024-09-13. Because Ivanti CSA 4.6.x has reached end-of-life, CISA urges organizations to remove CSA 4.6.x from service or upgrade to the supported 5.0.x line. The available source corpus does not provide a CVSS score, but the KEV listing means the [truncated]

Known exploited Ivanti CVE published 2024-03-25

CVE-2021-44529

CVE-2021-44529 is a code injection vulnerability affecting Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA). CISA added it to the Known Exploited Vulnerabilities (KEV) catalog on 2024-03-25, set a remediation due date of 2024-04-15, and marked the entry as having known ransomware campaign use. From a defensive standpoint, that makes this a high-priority remediation item for any organization runni [truncated]

Known exploited Ivanti CVE published 2024-01-31

CVE-2024-21893

CVE-2024-21893 is a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure, Policy Secure, and Neurons. CISA added the issue to its Known Exploited Vulnerabilities catalog on 2024-01-31 and marked it as having known ransomware campaign use. CISA’s required action is to apply vendor mitigations per Ivanti’s instructions, or discontinue use of the product if mitigations are unavailable.

Known exploited Ivanti CVE published 2024-01-18

CVE-2023-35082

CVE-2023-35082 is an authentication bypass vulnerability affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core. CISA added it to the Known Exploited Vulnerabilities (KEV) catalog on 2024-01-18 and marked it as known to have been used in ransomware campaigns. For defenders, this is a high-priority exposure: CISA’s required action is to apply vendor mitigations or discontinue use of the produc [truncated]

Known exploited Ivanti CVE published 2024-01-10

CVE-2024-21887

CVE-2024-21887 affects Ivanti Connect Secure and Policy Secure and is identified by CISA as a known exploited vulnerability. CISA added it to the KEV catalog on 2024-01-10, with a remediation due date of 2024-01-22, and marked known ransomware campaign use as Known. For defenders, this is a high-priority internet-facing gateway issue: follow vendor instructions referenced by CISA, and if mitigations are n [truncated]

Known exploited Ivanti CVE published 2024-01-10

CVE-2023-46805

CVE-2023-46805 is an Ivanti Connect Secure and Policy Secure authentication bypass that CISA lists in the Known Exploited Vulnerabilities catalog. The KEV entry marks it as known exploited and notes known ransomware campaign use, so defenders should treat it as an active, high-priority issue.

Known exploited Ivanti CVE published 2023-08-22

CVE-2023-38035

CVE-2023-38035 is an Ivanti Sentry authentication bypass issue affecting the administrator interface. CISA added it to the Known Exploited Vulnerabilities catalog on 2023-08-22 and marked it for remediation by 2023-09-12, indicating active exploitation risk and a need for immediate defensive attention.

Known exploited Ivanti CVE published 2023-07-31

CVE-2023-35081

CVE-2023-35081 is a path traversal vulnerability affecting Ivanti Endpoint Manager Mobile (EPMM). It was added to CISA’s Known Exploited Vulnerabilities catalog on 2023-07-31, which means defenders should treat it as an actively exploited issue rather than a routine disclosure. The CISA KEV record directs organizations to apply vendor mitigations or discontinue use of the product if mitigations are unavailable.

Known exploited Ivanti CVE published 2023-07-25

CVE-2023-35078

CVE-2023-35078 is an Ivanti Endpoint Manager Mobile (EPMM) authentication bypass issue associated with remote unauthenticated API access. CISA added it to the Known Exploited Vulnerabilities catalog on 2023-07-25 and marked known ransomware campaign use as Known, which makes this an active-risk item rather than a purely theoretical flaw. The defensive priority is to follow vendor mitigation guidance immed [truncated]

Known exploited Ivanti CVE published 2021-11-03

CVE-2021-22900

CVE-2021-22900 is an unrestricted file upload vulnerability in Ivanti Pulse Connect Secure. CISA lists it in the Known Exploited Vulnerabilities catalog, indicating confirmed exploitation in the wild. The CISA KEV entry directs organizations to apply updates per vendor instructions and references Emergency Directive 21-03 for further guidance.

Known exploited Ivanti CVE published 2021-11-03

CVE-2021-22899

CVE-2021-22899 is a command injection vulnerability affecting Ivanti Pulse Connect Secure. CISA included it in the Known Exploited Vulnerabilities catalog on 2021-11-03, which means defenders should treat it as a high-priority patching item. CISA’s guidance points to applying updates per the vendor’s instructions and references Emergency Directive 21-03 for additional requirements and deadlines.

Known exploited Ivanti CVE published 2021-11-03

CVE-2021-22894

CVE-2021-22894 is a buffer overflow vulnerability in Ivanti Pulse Connect Secure Collaboration Suite. CISA lists it in the Known Exploited Vulnerabilities catalog, which indicates it has been observed as exploited and should be prioritized for remediation.

Known exploited Ivanti CVE published 2021-11-03

CVE-2021-22893

CVE-2021-22893 is a use-after-free vulnerability in Ivanti Pulse Connect Secure that CISA included in its Known Exploited Vulnerabilities catalog on 2021-11-03. Because it is listed by CISA as known exploited and marked for known ransomware campaign use, organizations should treat remediation as urgent and follow vendor update guidance and CISA’s ED 21-03 requirements.

Known exploited Ivanti CVE published 2021-11-03

CVE-2020-8260

CVE-2020-8260 is a code execution vulnerability associated with Ivanti Pulse Connect Secure. CISA added it to the Known Exploited Vulnerabilities catalog on 2021-11-03 and tied remediation to vendor updates and ED 21-03 guidance. Because the provided source corpus is limited, the safest interpretation is operational: treat this as a priority patch-and-verify item for any organization running the product.

Known exploited Ivanti CVE published 2021-11-03

CVE-2020-8243

CVE-2020-8243 is a code execution vulnerability affecting Ivanti Pulse Connect Secure. CISA added it to the Known Exploited Vulnerabilities catalog on 2021-11-03, which means it is treated as a vulnerability with known exploitation risk and should be prioritized for remediation. CISA’s guidance for this entry is to apply vendor updates per Ivanti instructions, with the KEV due date aligned to ED 21-03 requirements.

Known exploited Ivanti CVE published 2021-11-03

CVE-2020-15505

CVE-2020-15505 is a remote code execution vulnerability affecting Ivanti MobileIron Multiple Products. CISA added it to the Known Exploited Vulnerabilities catalog on 2021-11-03, which makes it a priority for defensive action. The supplied corpus does not include exploit mechanics, affected versions, or patch details, so the safest response is to follow Ivanti’s remediation guidance and treat exposed Mobi [truncated]

Known exploited Ivanti CVE published 2021-11-03

CVE-2019-11539

CVE-2019-11539 is a command injection vulnerability affecting Ivanti Pulse Connect Secure and Pulse Policy Secure. In the supplied CISA KEV entry, it is marked as known exploited and noted for known ransomware campaign use, making it a high-priority issue for any organization still running affected deployments.

Known exploited Ivanti CVE published 2021-11-03

CVE-2019-11510

CVE-2019-11510 is a vulnerability in Ivanti Pulse Connect Secure that CISA lists in its Known Exploited Vulnerabilities catalog as an arbitrary file read issue. Because it is KEV-listed and marked for known ransomware campaign use, defenders should treat it as urgent and follow vendor remediation guidance without delay.

CRITICAL Ivanti CVE published 2017-01-23

CVE-2016-3147

CVE-2016-3147 is a critical network-exploitable buffer overflow in the collector.exe listener used by Landesk Management Suite 10.0.0.271 and earlier. According to the provided NVD record, a large packet can trigger the flaw, leading to denial of service and possibly arbitrary code execution. The published CVSS 3.1 score is 9.8 (vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), so environments exposing this listener [truncated]