Ivanti security advisory (AV26-435)

Serial number: AV26-435
Date: May 7, 2026

On May 7, 2026, Ivanti published a security advisory to address vulnerabilities in the following product:

• Ivanti Endpoint Manager Mobile (EPMM) – versions prior to 12.6.1.1
• Ivanti Endpoint Manager Mobile (EPMM) – versions prior to 12.7.0.1
• Ivanti Endpoint Manager Mobile (EPMM) – versions prior to 12.8.0.1

Ivanti has indicated that CVE-2026-6973 has been exploited.

On May 7, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-6973 to their Known Exploited Vulnerabilities (KEV) Database.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (Multiple CVEs)
• Ivanti Security Advisories
• CISA KEV: CVE-2026-6973