Projectworlds House Rental and Property Listing: Code Injection Vulnerability

Projectworlds House Rental and Property Listing is an open-source housing rental and property listing system developed by Projectworlds. Version 1.0 of Projectworlds House Rental and Property Listing contains a code injection vulnerability, which stems from incorrect handling of the parameter...

CVE-2026-1281

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1281

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1340

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1340

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1340

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1340

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1340

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1340

CVE-2026-1340 affects Ivanti Endpoint Manager Mobile (EPMM) with a code-injection flaw that could allow unauthenticated remote code execution. The CVSS v3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges required, no user interaction, and high impact to confidentiality, in...

CVE-2026-1281

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1281

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1281

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

CVE-2026-1281

Ivanti Endpoint Manager Mobile (EPMM) is affected by two code-injection vulnerabilities, CVE-2026-1281 and CVE-2026-1340, both enabling unauthenticated remote code execution. The exploits describe pre-auth RCE via endpoints /mifs/c/appstore/fob/ (CVE-2026-1281) and /mifs/c/aftstore/fob/ (CVE-2026...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-1281link is external Ivanti Endpoint Manager Mobile EPMM Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious...

PT-2026-5357

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager Mobile affected versions not specified Description An unauthenticated remote code execution issue exists in Ivanti Endpoint Manager Mobile EPMM due to improper control of code generation. This occurs through a server-si...

PT-2026-5358

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager Mobile affected versions not specified Description A code injection issue in Ivanti Endpoint Manager Mobile allows unauthenticated remote attackers to achieve remote code execution. This is caused by improper management...

Bdtask Bhojon All-In-One Restaurant Management System: Code Injection Vulnerability

Bdtask Bhojon All-In-One Restaurant Management System is a restaurant management system developed by the Bangladeshi company Bdtask. The versions of the Bdtask Bhojon All-In-One Restaurant Management System prior to 20260116 contained a code injection vulnerability. This vulnerability stemmed fro...

VulnCheck KEV: CVE-2026-1281

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

Ivanti Endpoint Manager Mobile code injection vulnerability

Ivanti Endpoint Manager Mobile is a mobile management software engine developed by the American company Ivanti. Ivanti Endpoint Manager Mobile has a code injection vulnerability, which stems from code injection and may allow unauthenticated remote code execution...

Ivanti Endpoint Manager Mobile code injection vulnerability

Ivanti Endpoint Manager Mobile is a mobile management software engine developed by the American company Ivanti. Ivanti Endpoint Manager Mobile has a code injection vulnerability, which stems from code injection and may allow unauthenticated remote code execution...