CVE-2026-8992

HIGH ivanti, microsoft secure_access_client, windows NVD

CVSS Score 8.8

Severity HIGH

Published May 22, 2026

Vendor ivanti, microsoft

Description

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.

Vendor Advisories

https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Secure-Access-Client-CVE-2026-7431-CVE-2026-7432?language=en_US

References

https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Secure-Access-Client-CVE-2026-7431-CVE-2026-7432?language=en_US