Ivanti Endpoint Manager Mobile is under attack due to a zero-day vulnerability, specifically an improper input validation defect tracked as CVE-2026-6973, which enables authenticated users with administrative privileges to execute code remotely. This exploit allows attackers to target Ivanti customers, leveraging the vulnerability to gain unauthorized access. The company has issued a security advisory to warn customers of the threat, which is being actively exploited by attackers1. Ivanti's disclosure of CVE-2026-6973 highlights the expanding attack surface, emphasizing the need for customers to prioritize their exposure and assess exploitation evidence. The vulnerability affects Ivanti's EPMM product, a commonly targeted solution in the network edge space. As a result, practitioners should reevaluate their security posture and take immediate action to mitigate potential risks. This latest exploit underscores the importance of proactive vulnerability management, particularly for organizations relying on Ivanti's solutions, so what matters most is swift remediation to prevent further exploitation.