CVE-2026-6973: Ivanti EPMM Improper Input Validation Enables Authenticated RCE
Endpoint Manager Mobile (EPMM)
Vulnerabilities by Vendor
All Vuln Brief CVE analysis grouped by affected vendor. 22 vendors covered across 38 analysed vulnerabilities.
Ivanti
6 CVEsCVE-2025-0282: Ivanti Connect Secure — Stack Overflow Zero-Day RCE
Connect Secure / Policy Secure / Neurons for ZTA
CVE-2024-21893: Ivanti Connect Secure — SSRF to Authentication Bypass
Connect Secure / Policy Secure
CVE-2024-29824: Ivanti EPM — SQL Injection to RCE
Endpoint Manager (EPM)
CVE-2023-46805: Ivanti Connect Secure — Authentication Bypass via Path Traversal
Connect Secure / Policy Secure
CVE-2024-21887: Ivanti Connect Secure — Authenticated Command Injection
Connect Secure / Policy Secure
Fortinet
4 CVEsCVE-2023-48788: Fortinet FortiClientEMS — SQL Injection to RCE
FortiClientEMS
CVE-2024-23113: Fortinet FortiOS — Format String RCE
FortiOS / FortiProxy / FortiPAM / FortiWeb
CVE-2023-27997: Fortinet FortiGate SSL-VPN — Pre-Auth Heap Overflow RCE
FortiOS / FortiProxy
CVE-2024-21762: Fortinet FortiOS SSL VPN — Out-of-Bounds Write RCE
FortiOS
Microsoft
3 CVEsCVE-2026-42897: Microsoft Exchange Server XSS in Outlook Web Access
Exchange Server
CVE-2024-38094: Microsoft SharePoint Server — Remote Code Execution
SharePoint Server
CVE-2025-29824: Windows CLFS — Zero-Day Privilege Escalation
Windows (CLFS Driver)
Atlassian
2 CVEsCVE-2022-26134: Atlassian Confluence — OGNL Injection RCE
Confluence Server / Data Center
CVE-2023-22515: Atlassian Confluence — Privilege Escalation to Admin
Confluence Data Center and Server
Cisco
2 CVEsCVE-2026-20182: Cisco Catalyst SD-WAN Authentication Bypass — Unauthenticated Admin Access
Catalyst SD-WAN Controller & Manager
CVE-2023-20198: Cisco IOS XE Web UI — Zero-Day Privilege Escalation (CVSS 10.0)
IOS XE
JetBrains
2 CVEsConnectWise
2 CVEsPalo Alto Networks
2 CVEsCleo
2 CVEsCVE-2024-50623: Cleo Harmony/VLTrader — Unrestricted File Upload and Download RCE
Harmony / VLTrader / LexiCom
CVE-2024-55956: Cleo MFT — Unrestricted File Upload to RCE
Harmony / VLTrader / LexiCom
Fortra (formerly HelpSystems)
1 CVEProgress Software
1 CVECVE-2023-34362: MOVEit Transfer — SQL Injection to RCE
MOVEit Transfer
Apache Software Foundation
1 CVEIBM
1 CVEownCloud
1 CVECVE-2023-49103: ownCloud graphapi — Sensitive Information Disclosure (CVSS 10.0)
ownCloud (graphapi app)
GitLab
1 CVECitrix
1 CVECVE-2023-4966: Citrix NetScaler Bleed — Session Token Leak
NetScaler ADC / NetScaler Gateway
PHP Group
1 CVECVE-2024-4577: PHP CGI — Argument Injection RCE on Windows
PHP (CGI mode on Windows)
OpenSSH
1 CVELinux
1 CVEWebPros
1 CVEBerriAI
1 CVENo vendors match your search.