CISA warns Ivanti Endpoint Manager flaw is now under active attack

CISA has warned that a recently patched Ivanti Endpoint Manager vulnerability is now being exploited in real attacks. The flaw, tracked as CVE-2026-1603, lets a remote, unauthenticated attacker leak specific stored credential data, and CISA added it to the Known Exploited Vulnerabilities catalog on March 9, 2026. The issue affects Ivanti Endpoint Manager versions before […] The post CISA warns Ivanti Endpoint Manager flaw is now under active attack appeared first on VPN Central.