CVE-2026-6973: Authenticated Admin RCE In Ivanti EPMM Added to CISA KEV

**Executive summary:** CVE-2026-6973 is a CVSS 7.2 improper-input-validation RCE affecting Ivanti Endpoint Manager Mobile (EPMM) on-prem deployments that has been exploited in the wild and added to CISA's KEV; exploitation requires remote administrative authentication. Ivanti published fixed builds (12.6.1.1, 12.7.0.1, 12.8.0.1); defenders should prioritize patching, audit and rotate admin credentials, invalidate sessions, and treat EPMM as a high-value asset during triage.