CVE-2026-8109

MEDIUM NVD

CVSS Score 6.5

Severity MEDIUM

Published May 12, 2026

Vendor unknown

Description

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.

References

https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-May-2026?language=en_US