{"vulnerability": "cve-2026-6973", "sightings": [{"uuid": "7de91dba-12c3-40e7-8acc-448c871bfb57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://threatintel.cc/2026/05/07/us-cisa-adds-a-flaw.html", "content": "U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog\n\nThe U.S. CISA has added a zero-day vulnerability (CVE-2026-6973) in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog, urging federal agencies to patch by May 10, 2026. This flaw, requiring admin privileges, allows for arbitrary code execution and is already being exploited.", "creation_timestamp": "2026-05-07T17:17:27.000000Z"}, {"uuid": "051dd804-093a-4934-959c-b271b8f768ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mlbrwwvyrb2k", "content": "Ivanti EPMM Under Fire: CVE-2026-6973 Admin\u2011Auth 0\u2011Day Already Weaponized \u2013 Patch Now! +\u00a0Video\n\nIntroduction: Ivanti\u2019s Endpoint Manager Mobile (EPMM) on\u2011premises product is currently under active attack due to a newly disclosed zero\u2011day vulnerability, tracked as CVE\u20112026\u20116973. Although exploitation\u2026", "creation_timestamp": "2026-05-07T17:54:47.200500Z"}, {"uuid": "30bbf77b-3ed1-4177-8b29-dceb4e276950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/montxt.bsky.social/post/3mlbuvtsqy325", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access  https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html", "creation_timestamp": "2026-05-07T18:47:51.595860Z"}, {"uuid": "f176f4da-b44e-427e-b030-3d07a67fa193", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mlbvguyggu2v", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access", "creation_timestamp": "2026-05-07T18:57:23.730087Z"}, {"uuid": "22c191b7-6c7e-42d2-8f3e-5bcabd66cc8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://t.me/ctinow/249922", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access\nhttps://ift.tt/kwxzoRy", "creation_timestamp": "2026-05-07T18:29:48.000000Z"}, {"uuid": "717ae356-454f-4be4-90d8-115741a454b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html", "content": "Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.\nThe high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1.\nIt allows \"a remotely authenticated user with administrative access to achieve remote code", "creation_timestamp": "2026-05-07T15:55:00.000000Z"}, {"uuid": "1a2239bd-61e9-493f-93d7-6f49e6b6eebe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116534898889978683", "content": "The U.S. CISA has added a zero-day vulnerability (CVE-2026-6973) in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog, urging federal agencies to patch by May 10, 2026. This flaw, requiring admin privileges, allows for arbitrary code execution and is already being exploited.https://securityaffairs.com/191822/security/u-s-cisa-adds-a-flaw-in-ivanti-endpoint-manager-mobile-epmm-to-its-known-exploited-vulnerabilities-catalog.html", "creation_timestamp": "2026-05-07T19:17:24.094165Z"}, {"uuid": "b88ec2c1-aa19-46ea-b9f0-5290b2785372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mlbx724hl427", "content": "Ivanti EPMM\u306b\u672a\u4fee\u6b63\u306e\u8106\u5f31\u6027(CVE-2026-6973)\u304c\u3042\u308a\u3001\u653b\u6483\u8005\u306f\u7ba1\u7406\u8005\u6a29\u9650\u3067\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u53ef\u80fd\u3067\u3059\u3002", "creation_timestamp": "2026-05-07T19:28:48.119456Z"}, {"uuid": "444d49ac-9f5b-4c93-80e0-1bcfac3cc707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/it4intserver.bsky.social/post/3mlbxxuts4j2d", "content": "iT4iNT SERVER Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access VDS VPS Cloud #Ivanti #CVE20266973 #CyberSecurity #RCE #EndpointManagement", "creation_timestamp": "2026-05-07T19:42:41.214161Z"}, {"uuid": "536a9d54-f07f-4917-89cc-8841f10189ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mlbz5cfg342k", "content": "~Cisa~\nCISA added CVE-2026-6973, an actively exploited Ivanti EPMM vulnerability, to its KEV catalog.\n-\nIOCs: CVE-2026-6973\n-\n#CVE2026_6973 #Ivanti #ThreatIntel", "creation_timestamp": "2026-05-07T20:03:36.577503Z"}, {"uuid": "d85f4426-f6b9-4600-b8f4-530c3f055d35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mlbxhyrb2c22", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited at...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-07T20:09:55.575364Z"}, {"uuid": "a4df78cf-53a9-4506-bbd8-c0b739a95149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3mlc245yg5x2k", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access", "creation_timestamp": "2026-05-07T20:20:52.697166Z"}, {"uuid": "0873f23f-241e-495e-aaac-4c6fdc2f47ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mlc3xyc2qf2a", "content": "\ud83d\uded1 CVE-2026-6973\nIvanti Endpoint Manager Mobile (EPMM)\nCVSS 7.2 / KEV\nTL;DR: An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1\u2026\nhttps://cvesentinel.replit.app/report/CVE-2026-6973?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-05-07T20:54:19.211745Z"}, {"uuid": "afd38283-2b5a-4952-acd4-3b2000488581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10229", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access \u2013 thehackernews.com\n\nFri, 08 May 2026 01:55:00", "creation_timestamp": "2026-05-07T20:03:10.000000Z"}, {"uuid": "8c4dccea-c3f0-4010-99cf-3efa76f1eed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116535389806075712", "content": "Attention, elevated activities detected targeting Ivanti Endpoint Manager Mobile (CVE-2026-6973) https://vuldb.com/vuln/361893/cti", "creation_timestamp": "2026-05-07T21:22:18.315318Z"}, {"uuid": "d99a92e9-9ba1-4eb4-9e01-d5bf9119de69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://www.cert.se/2026/05/flera-sarbarheter-i-ivanti-endpoint-manager-mobile-EPMM.html", "content": "", "creation_timestamp": "2026-05-08T00:50:00.000000Z"}, {"uuid": "de8b03bb-4d07-4a34-9147-7e5b6dc56596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1855", "content": "", "creation_timestamp": "2026-05-07T21:00:00.000000Z"}, {"uuid": "0fec9f59-b167-4e23-a834-271fd7e2668c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mlbljw4svm2u", "content": "\ud83d\udd17 CVE : CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, CVE-2026-6973, CVE-2026-7821", "creation_timestamp": "2026-05-07T16:00:08.074004Z"}, {"uuid": "1ae4ff5f-c7a1-4f48-a01d-4f798358e25c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116534135685499824", "content": "CIAS has updated the KEV catalogue.\n-  CVE-2026-6973: Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-6973 #infosec #CISA #Ivanti #vulnerability", "creation_timestamp": "2026-05-07T16:03:20.347918Z"}, {"uuid": "8bf0f738-06c2-41e7-96fb-409e467c5bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116534136643812529", "content": "CISA has updated the KEV catalogue.\n-  CVE-2026-6973: Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-6973 #infosec #CISA #Ivanti #vulnerability", "creation_timestamp": "2026-05-07T16:03:31.737116Z"}, {"uuid": "9f61f014-659e-42a3-a5f1-dd52634cdb63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mlblzctkjv2a", "content": "~Cybergcca~\nCCCS issued 5 advisories, highlighting critical updates for Spring, VM2, VMware, and an actively exploited Ivanti EPMM flaw.\n-\nIOCs: CVE-2026-6973, CVE-2026-40981\n-\n#Ivanti #ThreatIntel #Vulnerability", "creation_timestamp": "2026-05-07T16:08:44.128054Z"}, {"uuid": "af701273-0231-4aea-adbf-ae9d5d217e08", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2026-6973", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e2e02b4e-2925-4e83-80b2-04175c33125d", "content": "", "creation_timestamp": "2026-05-07T17:00:02.188283Z"}, {"uuid": "1ae74826-3237-4dd3-81fe-5a9655d84e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6433076", "content": "2026-05-07: [CVE-2026-6973] Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation VulnerabilityIvanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.\ncisakev", "creation_timestamp": "2026-05-07T17:08:54.682170Z"}, {"uuid": "9c1b70a6-c5e9-4eb1-adcf-2589fa089553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-435", "content": "", "creation_timestamp": "2026-05-07T08:35:50.000000Z"}, {"uuid": "d85eda67-2923-4dca-8e60-2d6025c576fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0135", "content": "", "creation_timestamp": "2026-05-07T09:17:26.000000Z"}, {"uuid": "213e60a8-f3f6-44f5-9058-9236ef41b311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-authenticated-remote-code-execution-vulnerability-ivanti-epmm-exploited-patch", "content": "", "creation_timestamp": "2026-05-07T07:54:45.000000Z"}, {"uuid": "1b9fd53c-8c36-40bd-80f6-9f75889d3c9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mld45zqfl52t", "content": "Ivanti reveals CVE-2026-6973, a critical remote code execution flaw in Endpoint Manager Mobile 12.8.0.0 and earlier, exploited in limited zero-day attacks. Additional patches released, admins urged to review credentials. #Ivanti #ZeroDay #USA", "creation_timestamp": "2026-05-08T06:30:22.557731Z"}, {"uuid": "6547954e-5c77-4fe0-a472-3bdc3806f136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/reconbee.bsky.social/post/3mld55zc53s2y", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access reconbee.com/ivanti-epmm-...\n\n#Ivanti #EPMM #adminlevelaccess #cybersecurity #cyberattack", "creation_timestamp": "2026-05-08T06:48:19.934724Z"}, {"uuid": "000695f9-3bc7-4c53-a69b-a4f7c91773d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://www.acn.gov.it/portale/w/ivanti-rilevate-nuove-vulnerabilita-di-cui-una-di-tipo-zero-day", "content": "Ivanti ha rilasciato aggiornamenti di sicurezza per risolvere 5 nuove vulnerabilit\u00e0 con gravit\u00e0 \u201calta\u201d, di cui una di tipo zero-day, che riguardano il prodotto Endpoint Manager Mobile (EPMM). Tra queste si evidenzia la CVE-2026-6973, di tipo \u201cRemote Code Execution\u201d, che risulterebbe sfruttata attivamente in rete.", "creation_timestamp": "2026-05-08T04:07:15.000000Z"}, {"uuid": "acf5fc94-71e2-4c0b-9479-6d9f87c69dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116537759112811327", "content": "\ud83d\udea8 Ivanti Endpoint Manager Mobile flaw (CVE-2026-6973) is being exploited in limited attacks, enabling remote code execution with admin access.\nCISA has added it to its KEV catalog, with federal agencies ordered to patch by May 10, 2026.\nRead: https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html", "creation_timestamp": "2026-05-08T07:24:44.630117Z"}, {"uuid": "00532ca5-bbc6-4ebb-940b-bfeff4d771f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mldbzt2z3p2o", "content": "Ivanti released patches for five vulnerabilities in Endpoint Manager Mobile, including CVE-2026-6973, a zero-day exploited in targeted attacks allowing remote code execution by authenticated admins. #IvantiPatch #ZeroDay #USA", "creation_timestamp": "2026-05-08T08:15:23.863165Z"}, {"uuid": "6e9be40b-3a44-4d27-9c11-eb7c169eb4e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mlddgbcnbq2r", "content": "\ud83d\udcf0 Ivanti Rilis Peringatan Darurat: Kerentanan Zero-Day Baru Dieksploitasi di EPMM\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/05/08/ivanti-peringatkan-eksploitasi-zero-day-baru-pada-epmm-cve-2026-6973/\n\n#adminIt #beritaTeknologi #cisa #cve-2026-6973 #ivanti #ivantiEpmm #keamana", "creation_timestamp": "2026-05-08T08:40:14.546092Z"}, {"uuid": "52f60283-5eb2-4231-ab34-7f94ea3d8b74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/116539082888845516", "content": "Tracked as CVE-2026-6973, this security flaw allows attackers with administrative privileges to execute arbitrary code remotely on systems running EPMM 12.8.0.0 and earlier. https://www.bleepingcomputer.com/news/security/cisa-gives-feds-four-days-to-patch-ivanti-flaw-exploited-as-zero-day/", "creation_timestamp": "2026-05-08T13:01:25.007649Z"}, {"uuid": "018a6000-3cd7-4d74-b79f-74eb8d828c3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3mldrziuo3c2m", "content": "Tracked as CVE-2026-6973, this security flaw allows attackers with administrative privileges to execute arbitrary code remotely on systems running EPMM 12.8.0.0 and earlier. www.bleepingcomputer.com/news/securit...", "creation_timestamp": "2026-05-08T13:01:33.629097Z"}, {"uuid": "30963270-b6a1-45ce-acaf-e5ea8fc07560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mlc7txwz7h2m", "content": "Ivanti has issued a critical advisory for its Endpoint Manager Mobile (EPMM) product, revealing multiple actively exploited vulnerabilities, including CVE-2026-6973, which requires admin authentication. The flaws affect only on-premises EPMM deployments.", "creation_timestamp": "2026-05-07T22:03:40.445991Z"}, {"uuid": "4b21b3e5-692b-4ce4-bf69-9bccabf4f6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://www.ncsc.nl/alerts/actief-misbruik-ivanti-endpoint-manager-mobile", "content": "", "creation_timestamp": "2026-05-08T04:17:08.000000Z"}, {"uuid": "34c1d492-f9c9-4c8f-8614-4171f197669b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/neroqc.bsky.social/post/3mldtb56k4s2s", "content": "Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)\nwww.helpnetsecurity.com/2026/05/08/i...", "creation_timestamp": "2026-05-08T13:23:45.713156Z"}, {"uuid": "ef33886a-3d19-422d-9b9e-b96acca50c41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3mlcaz4d47m2x", "content": "A new, actively exploited flaw (CVE-2026-6973) in Ivanti Endpoint Manager Mobile allows authenticated admins remote code execution. The U.S. Cybersecurity [\u2026]", "creation_timestamp": "2026-05-07T22:24:27.086990Z"}, {"uuid": "e665eaab-083c-4b91-be30-4935ba179d28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mlcgoza2gr23", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30921\u4ef6\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds One Known Exploited Vulnerability to Catalog  #CISA (May 7)\n\nCVE-2026-6973  Ivanti Endpoint Manager Mobile (EPMM) \u306e\u4e0d\u9069\u5207\u306a\u5165\u529b\u691c\u8a3c\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-05-08T00:06:10.338330Z"}, {"uuid": "9cade22d-6356-48cc-8ea6-d90f9686f0c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mldjvibnyk2s", "content": "Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/05/08/i...\n\n#cybersecurity #cybersecuritynews #0day #endpointmanagement #vulnerability", "creation_timestamp": "2026-05-08T10:36:11.761384Z"}, {"uuid": "ee8df97e-ace4-461d-be2f-f21bc4a46404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/solomonneas.dev/post/3mldosezhvy2b", "content": "\ud83d\udd34 Ivanti EPMM CVE-2026-6973 now in CISA KEV after active exploitation. Patch on-prem EPMM.\n\n\ud83d\udfe1 Fake Claude site drops Beagle backdoor. Verify AI tool installers.\n\n\ud83d\udfe1 Canvas incident exposed customer data. Review MFA, admins, and tokens.\n\nsolomonneas.dev/intel", "creation_timestamp": "2026-05-08T12:03:52.201763Z"}, {"uuid": "2e89a663-1676-4e7a-ac31-bec1dfff5efe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/vitobotta.com/post/3mldpono4ms23", "content": "CISA KEV update May 7: CVE-2026-6973 Ivanti EPMM added. Actively exploited input validation flaw. Federal deadline applies, everyone else should patch. - www.cisa.gov/news-events/...", "creation_timestamp": "2026-05-08T12:19:41.087539Z"}, {"uuid": "1c8a1fec-cc98-4ac0-90a3-106f3f99e38a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mlcgraupr32m", "content": "Ivanti EPMM\u306eCVE-2026-6973 RCE\u8106\u5f31\u6027\u304c\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u3001\u7ba1\u7406\u8005\u30ec\u30d9\u30eb\u306e\u30a2\u30af\u30bb\u30b9\u6a29\u304c\u4ed8\u4e0e\u3055\u308c\u308b \n\nIvanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access  #HackerNews (May 7)\n\nthehackernews.com/2026/05/ivan...", "creation_timestamp": "2026-05-08T00:07:24.939978Z"}, {"uuid": "110b3ef6-1988-4e94-a7b8-c742e4e4dccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/tajallius.bsky.social/post/3mlchyculfx2w", "content": "Ivanti Under Attack\n\nIvanti has confirmed the exploitation of a high-severity vulnerability, CVE-2026-6973, in Endpoint Manager Mobile, allowing authenticated admin users to execute arbitrary code. It highlights the risks of credential theft and emphasizes immediate patching, rotating admin\u2026", "creation_timestamp": "2026-05-08T00:29:16.334978Z"}, {"uuid": "d3a3012a-38ce-4682-bf6a-39773646c0c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mldz6f62ly2p", "content": "Ivanti: We are aware of a very limited number of customers exploited with CVE-2026-6973. Successful exploitation requires Admin authentication.", "creation_timestamp": "2026-05-08T15:09:32.457232Z"}, {"uuid": "55f5f247-ee30-415a-9f00-d99f52a797a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/Firefox.activitypub.awakari.com.ap.brid.gy/post/3mlciqnkajrx2", "content": "Ivanti EPMM Vulnerability Exploited in Active Attacks Grants Admin Access A critical security vulnerability in Ivanti\u2019s Endpoint Manager Mobile (EPMM) software is currently under active exploitat...\n\n#Security #CVE-2026-6973 #EPMM #Ivanti #remote #code #execution #security #vulnerability\n\nOrigin [\u2026]", "creation_timestamp": "2026-05-08T00:43:00.587658Z"}, {"uuid": "116a4571-d6bb-4880-9f5c-2dd00b562286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mle36iy5cv2o", "content": "CISA mandates U.S. federal agencies to patch zero-day CVE-2026-6973 in Ivanti Endpoint Manager Mobile within 4 days. Vulnerability allows remote code execution by authenticated admins. Fixed versions released. #IvantiEPMM #ZeroDay #USA", "creation_timestamp": "2026-05-08T15:45:24.776899Z"}, {"uuid": "4a676426-f0e2-4a85-b277-10c55c8a78b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mlcvjirw6cdi", "content": "CVE-2026-6973 Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability ", "creation_timestamp": "2026-05-08T04:31:59.176202Z"}, {"uuid": "3efdadeb-da45-48d8-b9fe-c913ccc478c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://www.cert.se/2026/05/cert-se-veckobrev-v19.html", "content": "", "creation_timestamp": "2026-05-08T06:10:00.000000Z"}, {"uuid": "499a0e86-9f7c-4ced-b854-c26f6b92f4bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://t.me/true_secator/8189", "content": "\u0418 \u0432\u043a\u0440\u0430\u0442\u0446\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b:\n\n1. \u0412 Linux \u043d\u043e\u0432\u0430\u044f 0-day - Dirty Frag, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0441\u0435\u0433\u043e \u043b\u0438\u0448\u044c \u043e\u0434\u043d\u043e\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0425\u0451\u043d\u0432\u0443 \u041a\u0438\u043c \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b PoC.\n\n\u041a\u0430\u043a \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442\u0441\u044f,\u00a0\u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0434\u0435\u0432\u044f\u0442\u044c \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434 \u0432 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0430 algif_aead \u044f\u0434\u0440\u0430 Linux.\n\nDirty Frag\u00a0\u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0437\u0430 \u0441\u0447\u0435\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044f\u0434\u0440\u0430 - \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u0441\u0442\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0439 \u043a\u044d\u0448 xfrm-ESP \u0438 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u0441\u0442\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0439 \u043a\u044d\u0448 RxRPC - \u0434\u043b\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0445\u043e\u0442\u044f Dirty Frag \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u0442\u043e\u043c\u0443 \u0436\u0435 \u043a\u043b\u0430\u0441\u0441\u0443, \u0447\u0442\u043e \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Linux Dirty Pipe \u0438\u00a0Copy Fail, \u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043f\u043e\u043b\u0435 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u0430 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u044f\u0434\u0440\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Ubuntu, Red Hat Enterprise Linux, CentOS Stream, AlmaLinux, openSUSE Tumbleweed \u0438 Fedora, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0442 \u0430\u0442\u0430\u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Linux \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u00a0\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043c\u043e\u0434\u0443\u043b\u0435\u0439 \u044f\u0434\u0440\u0430 esp4, esp6 \u0438 rxrpc (\u043e\u0434\u043d\u0430\u043a\u043e \u0432\u0430\u0436\u043d\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u043e \u043d\u0430\u0440\u0443\u0448\u0438\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 IPsec VPN \u0438 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c AFS).\n\n2. Ivanti \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u0443\u0435\u0442 \u043d\u043e\u0432\u044b\u0439 \u0441\u0435\u0437\u043e\u043d \u043e\u0441\u0442\u0440\u043e\u0441\u044e\u0436\u0435\u0442\u043d\u043e\u0433\u043e \u043e\u0434\u043d\u043e\u0438\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0438\u0430\u043b\u0430 \u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 (\u0433\u043e\u0442\u043e\u0432\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0440\u0438\u0447\u043d\u0435\u0432\u044b\u0439 \u043c\u0435\u0440\u0447) \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Endpoint Manager Mobile (EPMM), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432 0-day \u0430\u0442\u0430\u043a\u0430\u0445.\n\nCVE-2026-6973 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c EPMM 12.8.0.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u00ab\u043e\u0447\u0435\u043d\u044c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u043c\u00bb \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0436\u0435 Ivanti \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0447\u0435\u0442\u044b\u0440\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 EPMM (CVE-2026-5786, CVE-2026-5787, CVE-2026-5788 \u0438 CVE-2026-7821), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432 \u0447\u0438\u0441\u043b\u0435 \u043f\u0440\u043e\u0447\u0435\u0433\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0442\u043e\u0442 \u0441\u0430\u043c\u044b\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\n3. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Adversa.AI \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u044e Claude Code \u0432 \u0441\u0432\u043e\u0438\u0445 \u0446\u0435\u043b\u044f\u0445, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\nTrustFall \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442, \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0441\u0442\u0430\u043c\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u043c\u0438 \u0418\u0418, \u0434\u043b\u044f \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0432\u0437\u043b\u043e\u043c\u043e\u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\n4. \u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0435\u0436\u0435\u043a\u0432\u0430\u0440\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2026 \u043d\u0430\u0431\u043e\u0440 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0441\u043d\u043e\u0432\u0430 \u043f\u043e\u043f\u043e\u043b\u043d\u0438\u043b\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Microsoft Office, \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u0438 Linux.\n\n5. Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 Crosswork Network Controller (CNC) \u0438 Network Services Orchestrator (NSO), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u0430 \u0440\u0443\u0447\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u043a\u0430 CVE-2026-20188 \u043d\u0435 \u0431\u044b\u043b\u0430 \u0435\u0449\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445. \u041e\u0434\u043d\u0430\u043a\u043e \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0440\u0430\u043d\u0435\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0447\u0430\u0441\u0442\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n6. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Mitiga \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u043e \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0442\u0440\u0430\u0444\u0438\u043a Claude Code MCP, \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0442\u043e\u043a\u0435\u043d\u044b OAuth \u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c SaaS-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u043c, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0432 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u044d\u0442\u043e \u0432\u0441\u0435 \u043c\u043e\u0436\u043d\u043e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c.\n\n7. \u0418 \u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u0435\u043c \u043f\u0440\u043e \u043f\u043e\u0437\u0438\u0442\u0438\u0432\u043d\u044b\u0439 \u00ab\u0432 \u0442\u0440\u0435\u043d\u0434\u0435 VM\u00bb \u0437\u0430 \u0430\u043f\u0440\u0435\u043b\u044c, \u043a\u0443\u0434\u0430 \u0432\u043e\u0448\u043b\u0430 \u043e\u0434\u043d\u0430 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - (CVE-2026-20963, CVSS 9,8) \u0432 Microsoft SharePoint.", "creation_timestamp": "2026-05-08T18:30:06.000000Z"}, {"uuid": "fc087c64-6e23-4ac1-a771-99348c1f2d5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mlehm52c5s2g", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access\n\nIvanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.\nThe high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2)\u2026\n#hackernews #news", "creation_timestamp": "2026-05-08T19:27:46.509539Z"}, {"uuid": "399f01b8-5820-4dbd-b542-bca0402bad74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://t.me/thehackernews/8959", "content": "\ud83d\udea8 Ivanti Endpoint Manager Mobile flaw (CVE-2026-6973) is being exploited in limited attacks, enabling remote code execution with admin access.\n\nCISA has added it to its KEV catalog, with federal agencies ordered to patch by May 10, 2026.\n\nRead: https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html", "creation_timestamp": "2026-05-07T18:16:00.000000Z"}, {"uuid": "08fde295-d40b-4a5d-8af6-c0c1ec2471a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://t.me/information_security_channel/55231", "content": "Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks\nhttps://www.securityweek.com/ivanti-patches-epmm-zero-day-exploited-in-targeted-attacks/\n\nCVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code.\nThe post Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks (https://www.securityweek.com/ivanti-patches-epmm-zero-day-exploited-in-targeted-attacks/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2026-05-08T08:35:47.000000Z"}, {"uuid": "1c7c2a79-7023-4bf8-addd-4a231b7fb65c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/mel-echosphere.bsky.social/post/3mlfbnvecr424", "content": "\u300c\u8a8d\u8a3c\u6e08\u307f\u7ba1\u7406\u8005\u306a\u3089\u4efb\u610f\u30b3\u30fc\u30c9\u5b9f\u884c\u300d\u2014\u2014\u305d\u306e\u8a8d\u8a3c\u30011\u6708\u306eCVE\u3067\u3082\u3046\u629c\u304b\u308c\u3066\u308b\u304b\u3082\u3057\u308c\u306d\u3047\u3093\u3060\u305c\u3002\u26a0\ufe0f\n\nIvanti EPMM\u3001CVE-2026-6973\u3002CISA\u304cKEV\u306b\u767b\u9332\u3001\u9023\u90a6\u6a5f\u95a2\u306e\u5bfe\u5fdc\u671f\u9650\u306f\u660e\u65e55/10\u3002\u9732\u51fa\u30a2\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u306f800\u53f0\u8d85\u3067\u3001\u5b9f\u5bb3\u3082\u65e2\u306b\u51fa\u3066\u308b\u3002\ud83d\udd4a\ufe0f\n\nhttps://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html\n\n#Ivanti", "creation_timestamp": "2026-05-09T03:14:05.741167Z"}, {"uuid": "f2bf45cb-e309-4fa6-915f-658788f1cca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "Telegram/9A_oQnQrNLF9IvNEJRICkaObO34es17I2vfGbjpKAbm33Q", "content": "", "creation_timestamp": "2026-05-07T18:33:58.000000Z"}, {"uuid": "6a0b65f5-e827-4e2c-86d0-02bbd59eb8f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mlcxvqgbocih", "content": "Ivanti\u3001\u30bc\u30ed\u30c7\u30a4\u306b\u60aa\u7528\u53ef\u80fd\u306a\u6b20\u9665\u542b\u3080EPMM\u306e\u8106\u5f31\u6027\u3092\u8907\u6570\u4fee\u6b63\uff08CVE-2026-6973\u3001CVE-2026-7821\u4ed6\uff09 | Codebook\uff5cSecurity News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/45488/", "creation_timestamp": "2026-05-08T05:14:37.561704Z"}, {"uuid": "245c0a09-4f8d-4f56-a62f-3cce725d43b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus-2026-12", "content": "", "creation_timestamp": "2026-05-07T08:14:00.000000Z"}, {"uuid": "718424b1-bd82-4374-b43e-83d9774b7ceb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mlcx5kkcfsih", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html", "creation_timestamp": "2026-05-08T05:01:06.253835Z"}, {"uuid": "050d5118-3e7d-42d3-9687-88bcea386840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mlcxrztivm2x", "content": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-05-08T05:12:05.880113Z"}, {"uuid": "9549956b-4633-4b23-80af-ae18f6be3d2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/solomonneas.dev/post/3mlipnx32342z", "content": "\ud83d\udd34 Ivanti EPMM zero-day exploited\nCVE-2026-6973 RCE hits EPMM 12.8.0.0 and earlier. Patch now.\n\n\ud83d\udfe1 Fake OpenAI Hugging Face repo pushed infostealer\nTargets cookies, tokens, wallets, SSH and VPN creds.\n\nsolomonneas.dev/intel", "creation_timestamp": "2026-05-10T12:02:35.990534Z"}, {"uuid": "cf0cb744-7f15-4582-b214-c911e3a7152e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mlhi35loss2h", "content": "Another Ivanti zero-day, another CISA emergency directive. Federal agencies have just 4 days to patch CVE-2026-6973, but this recurring pattern of critical flaws is causing serious \"patching fatigue\" and eroding trust in vital security\u2026\n\nhttps://www.tpp.blog/1gjpc93\n\n#cybersecurity #cisa #ivanti", "creation_timestamp": "2026-05-10T00:14:09.439034Z"}, {"uuid": "2e3287af-9193-4be9-a3b6-3112bf8f3fff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/cyberowi.pl/post/3mliaqhfphn2o", "content": "\ud83d\udea8 Alert: Aktywny atak na Ivanti EPMM (CVE-2026-6973). Pilne \u0142atanie wymagane.\n\nWykryto luk\u0119 RCE w Ivanti EPMM, kt\u00f3ra jest ju\u017c wykorzystywana w atakach. Ameryka\u0144ska agencja CISA nakaza\u0142a pilne\n\nhttps://cyberowi.pl/alert-aktywny-atak-na-ivanti-epmm-cve-2026-6973-pilne/\n\n#cyberbezpieczenstwo", "creation_timestamp": "2026-05-10T07:35:33.825744Z"}, {"uuid": "b95d020a-2535-42e8-8c86-4d0889c8888e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mlgk35n6rs2g", "content": "Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)\n\nIvanti has released fixes for 5 high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, one of which (CVE-2026-6973) has being exploited as a zero-day by attackers. \u201cWe are aware of a ve\u2026\n#hackernews #news", "creation_timestamp": "2026-05-09T15:17:17.856843Z"}, {"uuid": "a3d2e16c-f8d0-4b8b-9772-5f91c915a889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mlivkxjeft2j", "content": "\ud83d\udcf0 CISA Beri Tenggat Waktu 4 Hari bagi Lembaga Federal AS untuk Tambal Zero-Day Ivanti EPMM\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/05/10/cisa-beri-tenggat-4-hari-tambal-zero-day-ivanti-epmm-cve-2026-6973/\n\n#ahmandonkTechNews #beritaTeknologi #cisa #cve-2026-6973 #ivantiEpmm", "creation_timestamp": "2026-05-10T13:48:19.441475Z"}, {"uuid": "56066039-ac83-46de-868a-f54e030e0426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mljmg7cvnl2u", "content": "CISA adds CVE-2026-6973 | Ivanti EPMM Authenticated RCE to KEV Catalog", "creation_timestamp": "2026-05-10T20:37:14.871440Z"}, {"uuid": "406b7bb6-26c3-4a2e-86ce-052d00be000d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mljzmwrntb24", "content": "Ivanti EPMM\u306e\u8106\u5f31\u6027\u304c\u30bc\u30ed\u30c7\u30a4\u653b\u6483\u3067\u60aa\u7528\u3055\u308c\u308b\uff08CVE-2026-6973\uff09 \n\nIvanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)  #HelpNetSecurity (May 8)\n\nwww.helpnetsecurity.com/2026/05/08/i...", "creation_timestamp": "2026-05-11T00:33:39.761852Z"}, {"uuid": "2f2a2a45-854a-46c3-8846-933504f5fd0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://gist.github.com/VortekOffensive/1f75446dc7e61026798ddbe15ec12e1f", "content": "# /ROOT/osint-targets/INTEL_SOURCES.md\n## > REFERENCIAS Y TELEMETR\u00cdA - REPORTE T\u00c1CTICO SEMANAL\n\n**[0x01] VM2 NODE.JS SANDBOX ESCAPE:**\n- The Hacker News: [vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution](https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html)\n\n**[0x02] PYPI ZICHATBOT / OCEANLOTUS (APT32):**\n- The Hacker News: [PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux](https://thehackernews.com/2026/05/pypi-packages-deliver-zichatbot-malware.html)\n\n**[0x03] IVANTI EPMM RCE ZERO-DAY (CVE-2026-6973):**\n- The Hacker News: [Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access](https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html)\n\n**[0x04] FILTRACI\u00d3N BANCO DE SANGRE IMSS (IDOR):**\n- Reporte OSINT / Facebook & Dark Web: Exposici\u00f3n de 3.4M de registros por actores \"ColdK3y\", \"Lizard\" y \"Gordo\". Vulnerabilidad IDOR en portal p\u00fablico bancodesangre.imss.gob.mx. [Evidencia en Video](https://www.facebook.com/watch/?v=856632617470137)\n\n---\n*V\u00d8RTEK OFFENSIVE - Purple Team Ops & Threat Intelligence*", "creation_timestamp": "2026-05-11T06:16:28.000000Z"}, {"uuid": "58a9a888-8d71-459a-9751-f03d9f6179dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mlkdje7wop2d", "content": "Ivanti warns of CVE-2026-6973, a high-severity flaw in EPMM (", "creation_timestamp": "2026-05-11T03:30:36.295639Z"}, {"uuid": "a4ffa3f6-b53c-4ce3-b8a0-54f68a252e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mly2ees4ax24", "content": "Ivanti EPMM Zero-Day Under Active Exploitation: CISA Adds CVE-2026-6973 to KEV Catalog", "creation_timestamp": "2026-05-16T14:25:42.452860Z"}, {"uuid": "0816caa8-6019-44f9-ac1f-885af167400e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mll3aguvzk2r", "content": "We are tagging CVE-2026-6973 Ivanti EPMM instances seen in our daily scans. 362 IPs seen unpatched on 2026-05-10, down from 562 IPs on 2026-05-08 when we first added the detection.  See Ivanti advisory for details - hub.ivanti.com/s/article/Ma...\n\nCVE-2026-6973 is on US CISA KEV.", "creation_timestamp": "2026-05-11T10:35:11.319360Z"}, {"uuid": "5ca36bd9-8e0c-4a7a-b8c1-59c628c81b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mll3akdypk2r", "content": "We are tagging CVE-2026-6973 Ivanti EPMM instances seen in our daily scans. 362 IPs seen unpatched on 2026-05-10, down from 562 IPs on 2026-05-08 when we first added the detection.  See Ivanti advisory for details - hub.ivanti.com/s/article/Ma...\n\nCVE-2026-6973 is on US CISA KEV.", "creation_timestamp": "2026-05-11T10:35:12.432147Z"}, {"uuid": "d692722c-d9bd-449d-9b75-7bcdd1648670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://infosec.exchange/users/shadowserver/statuses/116555498711668560", "content": "We are tagging CVE-2026-6973 Ivanti EPMM instances seen in our daily scans. 362 IPs seen unpatched on 2026-05-10, down from 562 IPs on 2026-05-08 when we first added the detection.  See Ivanti advisory for details - https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEs?language=en_US\nCVE-2026-6973 is on US CISA KEV.\nRaw IP data in our Vulnerable HTTP reporting https://www.shadowserver.org/what-we-do/network-reporting/vulnerable-http-report/ tagged 'cve-2026-6973'\nPublic Dashboard tree map overview of vulnerable instances:https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=http_vulnerable&source=http_vulnerable6&tag=cve-2026-6973%2B&data_set=count&scale=log&auto_update=on\nCVE-2026-6973 patch tracker:https://dashboard.shadowserver.org/statistics/combined/time-series/?date_range=7&source=http_vulnerable&source=http_vulnerable6&tag=cve-2026-6973%2B&dataset=unique_ips&limit=100&group_by=geo&stacking=stacked&auto_update=on", "creation_timestamp": "2026-05-11T10:38:17.291277Z"}, {"uuid": "0e85a05f-bbf0-4b3d-81b1-d35f8475437d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mll4n3hlc42d", "content": "Ivanti EPMM: 3rd zero-day in 5 months. CVE-2026-6973 exploited before disclosure. CISA KEV deadline: May 10. 508 European instances exposed.\nDidn't rotate admin credentials after January? Ivanti says you're at higher risk. \n\nPatch now: 12.8.0.1. \u2757 \n\n#Ivanti #ZeroDay #MDM", "creation_timestamp": "2026-05-11T11:00:05.589746Z"}, {"uuid": "0a9df394-a97a-4e91-81f5-c58834ff7eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mma5zxgbck2w", "content": "CISA Adds One Known Exploited Vulnerability to Catalog\nRelease Date May 07, 2026\n\nCVE-2026-6973 Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability", "creation_timestamp": "2026-05-19T19:51:06.787618Z"}, {"uuid": "aa271fa6-d8d7-400f-b116-368b10d94e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/clankussy.abu.guru/post/3mmazijswu22s", "content": "Ivanti EPMM zero-day under active attack gives hackers full admin access. Enterprise mobile security completely compromised\u2014device management tools turned into attack vectors. \ud83d\udcf1\ud83d\udd13\\n\\nSource: https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html", "creation_timestamp": "2026-05-20T04:02:28.663768Z"}, {"uuid": "124dd90f-ad76-48ff-9994-10f3a0d168d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mma64cuqy22w", "content": "\u7c73\u56fd\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001Ivanti Endpoint Manager Mobile\uff08EPMM\uff09\u306e\u8106\u5f31\u6027\u3092\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3057\u305f\u3002\n\n\u7c73\u56fd\u306e\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f  \u3001Ivanti Endpoint Manager Mobile\uff08EPMM\uff09\u306e\u8106\u5f31\u6027\uff08CVE-2026-6973\u3001CVSS\u30b9\u30b3\u30a27.1\uff09\u3092\u3001 \u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\uff08KEV\uff09\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3057\u307e\u3057\u305f\u3002\n\nIvanti\u306f\u3001Endpoint Manager Mobile\u306b\u5b58\u5728\u3059\u308b\u3001CVE-2026-6973\u3068\u3057\u3066\u8ffd\u8de1...", "creation_timestamp": "2026-05-19T19:52:40.001094Z"}, {"uuid": "c10fba74-15fc-4b7a-b167-0dd66a9f00ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mmadew4mgc22", "content": "Ivanti\u306f\u3001\u6a19\u7684\u578b\u653b\u6483\u3067\u5229\u7528\u3055\u308c\u305fEPMM\u30bc\u30ed\u30c7\u30a4\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3057\u307e\u3057\u305f\n\nIvanti\u306f\u6728\u66dc\u65e5\u306b\u3001Endpoint Manager Mobile\uff08EPMM\uff09\u88fd\u54c1\u5411\u3051\u306e2026\u5e745\u6708\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u516c\u958b\u3057\u3001\u6a19\u7684\u578b\u653b\u6483\u3067\u60aa\u7528\u3055\u308c\u305f\u30bc\u30ed\u30c7\u30a4\u8106\u5f31\u6027\u3092\u542b\u30805\u3064\u306e\u8106\u5f31\u6027\u306b\u5bfe\u51e6\u3057\u307e\u3057\u305f\u3002\n\n\u60aa\u7528\u3055\u308c\u305f\u6b20\u9665\u306f CVE-2026-6973 \u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u304a\u308a\u3001\u9ad8\u5ea6\u306b\u91cd\u5927\u5ea6\u306e\u4e0d\u9069\u5207\u306a\u5165\u529b\u691c\u8a3c\u554f\u984c\u3067\u3042\u308a\u3001\u7ba1\u7406\u8005\u6a29\u9650\u3092\u6301\u3064\u8a8d\u8a3c\u6e08\u307f\u306e\u653b\u6483\u8005\u306b\u3088\u3063\u3066\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306b\u5229\u7528\u3055\u308c\u5f97\u307e\u3059\u3002\n\nIvanti\u306f\u3001CVE-2026-6973\u3092\u60aa\u7528\u3059\u308b\u653b\u6483\u3067\u6a19\u7684\u306b\u3055\u308c\u3066\u3044\u308b\u300c\u975e\u5e38\u306b\u9650\u3089\u308c\u305f\u9867\u5ba2\u300d\u306e\u6570\u3092\u8a8d\u8b58\u3057\u3066\u3044\u308b\u2026", "creation_timestamp": "2026-05-19T21:26:47.793818Z"}, {"uuid": "d244c907-cf41-43e4-af49-0e8fff03d607", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/cpfcoaching.bsky.social/post/3mmjlkk457c2r", "content": "The May 2026 threat landscape is harsh, with Ivanti zero-day exploits (CVE-2026-6973) and a surge in CIPA pixel lawsuits. Leaders must act now. Read the briefing on securing operations against AI and legal risks. #CyberSecurity #InfoSec #Privacy open.substack.com/pub/cpfcoach...", "creation_timestamp": "2026-05-23T13:47:01.107693Z"}, {"uuid": "f864a0d3-5061-4fe2-aec7-b724fad918bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mmhbv3vu6k24", "content": "Ivanti EPMM Zero-Day CVE-2026-6973: Actively Exploited \u2014 Patch Now\n\nIvanti Endpoint Manager Mobile (EPMM) zero-day CVE-2026-6973 actively exploited by nation-state actors. CISA KEV listed wi...\n\n\ud83d\udd17 https://ipsec.live/blog/2026-05-22-ivanti-epmm-zero-day-cve-2026-6973\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-22T15:48:35.012848Z"}]}