Ivanti Endpoint_manager
4 CVEs affecting Ivanti Endpoint_manager. Latest disclosed: 2026-05-12. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-8111 | High | 8.8 | 2026-05-12 | SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution. |
CVE-2017-11463 | High | 8.8 | 2017-12-11 | In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/upd… |
CVE-2026-8110 | High | 7.8 | 2026-05-12 | Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privil… |
CVE-2026-8109 | Medium | 6.5 | 2026-05-12 | An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credent… |