What is GHSA-5fgm-7c83-qg5j?

GHSA-5fgm-7c83-qg5j is a security advisory published by GitHub Security Advisories with High severity. An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2...

Which CVE IDs does GHSA-5fgm-7c83-qg5j cover?

GHSA-5fgm-7c83-qg5j covers the following CVE IDs: CVE-2026-10727. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-5fgm-7c83-qg5j?

GHSA-5fgm-7c83-qg5j has a CVSS v3 base score of 7.2, published by GitHub Security Advisories.

GHSA-5fgm-7c83-qg5jHighCVSS 7.2

An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2...

Vendor

GitHub Security Advisories

Published

June 9, 2026

Last Modified

June 9, 2026

🔗 CVE IDs covered (1)

CVE-2026-10727 →

📋 Description

An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-10727
https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-6973-CVE-2026-10727?language=en_US
https://github.com/advisories/GHSA-5fgm-7c83-qg5j