Ivanti Patches Flaws in Secure Access Client, EPM, Xtraction, VTM
Ivanti disclosed vulnerabilities in Secure Access Client, Endpoint Manager, Xtraction, and Virtual Traffic Manager. No evidence of exploitation.
Executive Summary
Ivanti released its monthly security patches on May 12, 2026, disclosing vulnerabilities across four products: Ivanti Secure Access Client, Ivanti Xtraction, Ivanti Virtual Traffic Manager, and Ivanti Endpoint Manager (EPM). The company stated it has no evidence of any of these flaws being exploited in the wild. Notably, Ivanti attributed the discovery of some of these vulnerabilities to an internal project integrating advanced LLM models into its product security testing pipeline — an approach the vendor says identified flaws that traditional SAST and DAST tools missed.
Technical Analysis
According to the advisory published by Ivanti, the vulnerabilities affect the following products:
- Ivanti Secure Access Client — details of the specific flaw(s) were not enumerated in the announcement; Ivanti directs customers to the individual security advisory for each product.
- Ivanti Xtraction — similarly, no technical specifics were provided in the blog post beyond the product name.
- Ivanti Virtual Traffic Manager — no CVE IDs or CVSS scores were disclosed in the summary.
- Ivanti Endpoint Manager (EPM) — no CVE IDs or CVSS scores were disclosed in the summary.
Ivanti did not publish CVE identifiers, CVSS scores, or vulnerability types (e.g., RCE, SQLi, XSS) in the blog post. The company instead linked to separate security advisory pages for each product, which may contain that detail. The blog post emphasized that the vulnerabilities do not impact any other Ivanti solutions.
Ivanti disclosed that its product security team recently began integrating multiple advanced LLM models into its engineering and red-team processes. The company claims this project has already identified vulnerabilities that traditional static and dynamic analysis tools missed, including some of those patched today. Ivanti stated it expects an increase in vulnerability disclosures as these AI-assisted tools are refined and further integrated.
Mitigations & Recommendations
Ivanti advises customers to apply the relevant security updates for each affected product. Detailed remediation instructions are available in the product-specific security advisories linked from the blog post. Ivanti recommends that customers subscribe to alerts through the Ivanti Innovators Hub and follow the security blog for future disclosures. Organizations using any of the four affected products should prioritize patching based on the risk profile of their deployment, even though no active exploitation has been reported.
Stay Updated
Get the latest cybersecurity news delivered to your inbox.
