CVE-2026-10727

Publié : 9 juin 2026

Modifié : 9 juin 2026

Score CVSS

7.2

HIGH

Description détaillée

An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Références et Patchs

https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-6973-CVE-2026-10727?language=en_US

Dernières Vulnérabilités

CVE-2026-8863

Multiple version of UEFI SHIM bootloaders are vulnerable to SecureBoot bypass through lack of enforcement and validation SBAT. The following authenticode signatures are impacted by this disclosure AE75F0D82BA3DF824FBFC69340CC3B4D66C598373B1AB54CDB6C8BFD83A6B961 - Spyrus WTGCreator version 4.2 FD23D6E57DE6F4E1F9D7118DA1C5F31A8AF6BE5E5D9E8170F9493447268D50C5 - Baramundi Management Suite up to 2024R1 - A0DE9333442C1BF9349A460141AE5E80F911955C6506040FA3D021BF6C1AE3E4 WhiteCanyon WipeDrive versions 8.0.0 through 8.1.3. 95B6D71FC0C0F8C5E1533A37AEF92CF6B0C961E2CC612A97117FA6759CE5FC06 - Finland Matriculation Exam Abitti 1 version 1.0.0 236A9CB0D71951C36398A32EB660CE2CD4A52CCFA7CF751CC6A35D9DE549E19B - NTC IT Rosa R9, R10 8A964D5F8373948D20A1D4296FB92E545DAD4617A0C810F3B934B53D98AE8963 - PC-Doctor Service Center 15, 16

VOIR DÉTAILS

CVE-2026-40639

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.

VOIR DÉTAILS

CVE-2026-39170

SemCms 5.0 is vulnerable to Cross Site Request Forgery (CSRF) via crafted POST request to /admin/semcms_user.php.

VOIR DÉTAILS