Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA emergency patch deadline for Ivanti EPMM

Public Sector Action
First reported
Last updated
Happening score
H score 53
1 unique sources, 1 articles

Summary

Hide ▲

CISA ordered U.S. federal agencies to patch Ivanti EPMM by midnight Sunday, May 10 after adding CVE-2026-6973 to its list of vulnerabilities exploited in attacks. The directive matters because the flaw is already tied to zero-day attacks and can enable remote code execution on EPMM 12.8.0.0 and earlier. Ivanti separately advised customers to install fixed releases and review Admin credentials.

Related Happenings

Congress demands CISA answers on GitHub credential leak

Public Sector Action
First: 22.05.2026 19:34 Last: 22.05.2026 19:34 Sources 1

About this happening: **Lawmakers in both houses of Congress** demanded answers from **CISA** after a contractor exposed **AWS GovCloud keys** and other secrets on **public GitHub**. The letters presse...

Open Happening

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

Open Happening

Ivanti EPMM zero-day remote code execution (CVE-2026-6973)

Vulnerability
First: 07.05.2026 18:20 Last: 07.05.2026 18:20 Sources 1

How related: Tracked as CVE-2026-6973, this security flaw allows attackers with administrative privileges to execute arbitrary code remotely on systems running EPMM 12.8.0.0 and earlier.

About this happening: Ivanti's disclosure of **CVE-2026-6973** puts **Endpoint Manager Mobile (EPMM)** customers on alert for a **zero-day remote code execution** flaw that can let authenticated admins...

Latest development: 07.05.2026 20:55

The U.S. Cybersecurity and Infrastructure Security Agency added CVE-2026-6973 to its Known Exploited Vulnerabilities (KEV) catalog and required Federal Civilian Executive Branch agencies to apply the fixes by May 10, 2026.

Open Happening

Ivanti EPMM patch release for CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821

Security Patch Release
First: 07.05.2026 18:20 Last: 07.05.2026 18:20 Sources 1

About this happening: Ivanti released a security update for on-prem Endpoint Manager Mobile (EPMM) covering CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821. The patch addresses high-seve...

Latest development: 07.05.2026 20:55

Ivanti released fixes for CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821 in Endpoint Manager Mobile (EPMM). The updates apply only to on-prem EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1, and Ivanti said the issues are not present in Ivanti Neurons for MDM, Ivanti EPM, Ivanti Sentry, or other Ivanti products.

Open Happening

CISA KEV action for CVE-2026-31431 and FCEB remediation

Public Sector Action
First: 03.05.2026 09:26 Last: 03.05.2026 09:26 Sources 1

About this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...

Open Happening

Timeline

  1. 08.05.2026 15:16 2 articles · 19d ago

    CISA orders federal patching for CVE-2026-6973

    Legal Policy Action Update

    CISA adds CVE-2026-6973 to its list of vulnerabilities exploited in attacks and orders U.S. federal agencies to patch Ivanti Endpoint Manager Mobile (EPMM) systems by midnight Sunday, May 10. The flaw affects EPMM 12.8.0.0 and earlier, can let attackers with administrative privileges execute arbitrary code remotely, and Ivanti advises installing EPMM 12.6.1.1, 12.7.0.1, or 12.8.0.1 and reviewing Admin credentials.

    Show sources
    Open in new tab