CVE-2026-6973

KEV High · CVSS 7.2

Ivanti EPMM (Endpoint Manager Mobile) — Improper Input Validation leading to Remote Code Execution

CVSS: 7.2; nvd
EPSS: 4.79%; 90th pct
KEV: Listed; 2026-05-07
Class: other; CWE-20

Description

An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated user with administrative access to achieve remote code execution.

Search profile — drives PoC discovery

Symbols EPMMEndpoint Manager MobileMobileIronadministrative accessremote code executioninput validation

Keywords CVE-2026-6973Ivanti EPMMIvanti Endpoint Manager Mobileimproper input validation RCEEPMM RCEIvanti EPMM exploitIvanti EPMM PoCEPMM authenticated RCEIvanti EPMM 12.6.1.1Ivanti EPMM 12.7.0.1Ivanti EPMM 12.8.0.1

Versions: before 12.6.1.1, before 12.7.0.1, before 12.8.0.1

References

https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEs
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-6973

Status: enriched · ingested 2026-06-11T18:20:51.547Z · profiled 2026-06-16T18:20:23.035Z