CVE-2026-1340 is a vulnerability tracked across 11 threat clusters and 37 intelligence report mentions on ThreatCluster. First observed January 29, 2026; most recent activity June 25, 2026.
The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that U.S. federal agencies patch a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1340, by April 11, 2026.…
Between May 2025 and Spring 2026, the Belgian State Security experienced a data breach exposing employee information, attributed to vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). Hackers exploited flaws…
Ivanti has disclosed a zero-day vulnerability (CVE-2026-6973) in its Endpoint Manager Mobile (EPMM) product, which has been actively exploited by attackers. This flaw allows authenticated users with administrative…
Two critical vulnerabilities in Ivanti's Endpoint Manager Mobile (EPMM), CVE-2026-1281 and CVE-2026-1340, have been actively exploited in the wild, allowing unauthenticated remote code execution (RCE) with a CVSS score…
Multiple critical vulnerabilities affecting Gogs and Jinjava have been disclosed, with severe impacts including remote code execution (RCE) and unauthorized file access. Gogs vulnerabilities include CVE-2025-64111…
The Dutch Data Protection Authority (AP) confirmed it was compromised during a wave of attacks exploiting Ivanti vulnerabilities. The attack, which occurred on January 29, involved the Ivanti Endpoint Manager Mobile…
On February 10, 2026, Microsoft released a security update addressing 59 vulnerabilities, including six zero-day flaws that were actively exploited prior to the patch. The vulnerabilities affect various Microsoft…
The Russian government is advancing legislation to require mobile operators to implement a domestically-developed encryption algorithm, NEA-7, for the country's 5G network. If passed, all new phones sold in Russia must…
The European Commission has detected and contained a cyber incident affecting its mobile device management infrastructure. The breach, identified on January 30, resulted in unauthorized access to a limited subset of…
OpenAI has implemented two new security features in ChatGPT to prevent prompt injection attacks. Meanwhile, threat actors have exploited two Ivanti zero-day vulnerabilities, CVE-2026-1281 and CVE-2026-1340, to deploy…