CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8051

OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 81.2%

CVSS Severity

CVSS v3 Score 7.2

References

https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2026-8051?language=en_US

Products affected by CVE-2026-8051

Ivanti » Virtual Traffic Manager » Version: 22.2

cpe:2.3:a:ivanti:virtual_traffic_manager:22.2
Ivanti » Virtual Traffic Manager » Version: 22.3

cpe:2.3:a:ivanti:virtual_traffic_manager:22.3
Ivanti » Virtual Traffic Manager » Version: 22.5

cpe:2.3:a:ivanti:virtual_traffic_manager:22.5
Ivanti » Virtual Traffic Manager » Version: 22.6

cpe:2.3:a:ivanti:virtual_traffic_manager:22.6
Ivanti » Virtual Traffic Manager » Version: 22.7

cpe:2.3:a:ivanti:virtual_traffic_manager:22.7
Ivanti » Virtual Traffic Manager » Version: 22.9

cpe:2.3:a:ivanti:virtual_traffic_manager:22.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8051

Products

Pricing

Contact Us