CVE-2026-6973

High-Severity Vulnerabilities Addressed in Endpoint Manager Mobile Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

High-Severity Vulnerabilities Addressed in Endpoint Manager Mobile

Do Son June 10, 2026

The development group behind enterprise mobile device management solutions deployed critical patches. Specifically, the latest Ivanti EPMM...

Under Active Attack: Ivanti EPMM Zero-Day Exploited in the Wild via Harvested Admin Credentials Ivanti EPMM Zero-Day CVE-2026-6973 Exploitation CVE-2024-9379, CVE-2024-9380, CVE-2024-9381

Ivanti EPMM Zero-Day CVE-2026-6973 Exploitation CVE-2024-9379, CVE-2024-9380, CVE-2024-9381

Under Active Attack: Ivanti EPMM Zero-Day Exploited in the Wild via Harvested Admin Credentials

Do Son May 7, 2026

Ivanti has issued an urgent security advisory for its Endpoint Manager Mobile (EPMM) platform, formerly known as...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-4020CVSS 7.5
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and...
CVE-2026-10735
Multiple plugins by ShapedPlugin contain a backdoor in various versions. This makes it possible for unauthenticated attackers to...
CVE-2026-20262CVSS 6.5
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated,...
CVE-2026-54420CVSS 8.5
LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a...
CVE-2026-53435CVSS 8.8
In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize...
CVE-2026-10795CVSS 8.1
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions...
CVE-2026-11645
Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker...
CVE-2026-50751CVSS 9.3
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows...
CVE-2026-20245CVSS 7.8
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local...

Critical Alert 4 Active Exploits Detected Today

High-Severity Vulnerabilities Addressed in Endpoint Manager Mobile

Under Active Attack: Ivanti EPMM Zero-Day Exploited in the Wild via Harvested Admin Credentials