ACCORDING to Known Exploited Vulnerabilities Catalog, Ivanti Endpoint Manager Mobile (EPMM) carries CVE-2026-6973, described as an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution. The CVE is listed as part of a single entry in the KEV catalog, with related CWE-20 noted. The entry states that it is Unknown whether it has been used in ransomware campaigns.
Action recommended includes applying mitigations per vendor instructions, following applicable BOD 22-01 guidance for cloud services, or discontinuing use of the product if mitigations are unavailable. The vulnerability was added to the catalog on 07 May 2026, with a due date of 10 May 2026. Additional notes provide links to Ivanti’s security advisory and the NVD entry for CVE-2026-6973, and the KEV page invites subscribers to stay updated on future catalog changes.