Ivanti customers confront yet another actively exploited zero-day

Ivanti disclosed and patched a zero-day (CVE-2026-6973) in Endpoint Manager Mobile that allows authenticated administrators to run remote code and has been observed with very limited exploitation; Ivanti released fixes for this and four additional high-severity EPMM flaws while CISA added the zero-day to its known exploited vulnerabilities catalog. The report notes prior, more widely exploited unauthenticated EPMM vulnerabilities (CVE-2026-1281 and CVE-2026-1340) that impacted nearly 100 victims and highlights Ivanti's ongoing disclosure, patching, and security-process efforts.