Ivanti Patches CVE-2026-6973 Zero-Day in EPMM as CISA Adds Authenticated Admin RCE Bug to KEV
Ivanti disclosed an actively exploited authenticated RCE in Endpoint Manager Mobile alongside four other high-severity flaws. CISA added it to KEV on May 7 with a May 10 federal patch deadline.
4 min read8 sources