Ivanti Endpoint Manager Mobile Zero-Days Exploited (CVE-2026-1281, CVE-2026-1340)
On January 29, Ivanti published an advisory for two zero-day vulnerabilities in Endpoint Manager Mobile (EPMM), formerly MobileIron Core: CVE Description CVSSv3 CVE-2026-1281 Ivanti Endpoint Manager Mobile Remote Code Execution Vulnerability 9.8 CVE-2026-1340 Ivanti Endpoint Manager Mobile Remote Code Execution Vulnerability 9.8 According to Ivanti, both vulnerabilities were exploited in the wild affecting “a very limited number of customers.” Due to its ongoing investigation, Ivanti did not include any indicators of compromise. Ivanti products are popular targets for attackers, and over the last several years, there have been multiple EPMM vulnerabilities exploited in the wild. For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.Oracle E-Business Suite Zero-Day Exploited by Cl0p Ransomware Group (CVE-2025-61882)
On October 4, Oracle published a Security Alert Advisory for a zero-day in its E-Business Suite (EBS) solution: CVE Description CVSSv3 CVE-2025-61882 Oracle Concurrent Processing Remote Code Execution Vulnerability 9.8 This vulnerability was reportedly exploited in the wild by the Cl0p ransomware group. It followed earlier reports of extortion emails being sent to EBS customers by the Cl0p ransomware group. Initially, Oracle indicated that attacks used flaws in Oracle’s July 2025 CPU release. For more information about this zero-day vulnerability and associated vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.
