CVE-2026-1603

⚠ KEVEPSS 55.9%

Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

Added to CISA KEV: 3/9/2026

Description

Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credential data.

Affected packages (0)

No package mapping in OSV.