https://vulnerability.circl.lu/sightings/feed 2026-05-31T14:40:50.358361+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/5ca36bd9-8e0c-4a7a-b8c1-59c628c81b2f/export 2026-05-31T14:40:50.375546+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "5ca36bd9-8e0c-4a7a-b8c1-59c628c81b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mll3akdypk2r", "content": "We are tagging CVE-2026-6973 Ivanti EPMM instances seen in our daily scans. 362 IPs seen unpatched on 2026-05-10, down from 562 IPs on 2026-05-08 when we first added the detection. See Ivanti advisory for details - hub.ivanti.com/s/article/Ma...\n\nCVE-2026-6973 is on US CISA KEV.", "creation_timestamp": "2026-05-11T10:35:12.432147Z"} 2026-05-11T10:35:12.432147+00:00 https://vulnerability.circl.lu/sighting/d692722c-d9bd-449d-9b75-7bcdd1648670/export 2026-05-31T14:40:50.375466+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d692722c-d9bd-449d-9b75-7bcdd1648670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://infosec.exchange/users/shadowserver/statuses/116555498711668560", "content": "We are tagging CVE-2026-6973 Ivanti EPMM instances seen in our daily scans. 362 IPs seen unpatched on 2026-05-10, down from 562 IPs on 2026-05-08 when we first added the detection. See Ivanti advisory for details - https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEs?language=en_US\nCVE-2026-6973 is on US CISA KEV.\nRaw IP data in our Vulnerable HTTP reporting https://www.shadowserver.org/what-we-do/network-reporting/vulnerable-http-report/ tagged 'cve-2026-6973'\nPublic Dashboard tree map overview of vulnerable instances:https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=http_vulnerable&source=http_vulnerable6&tag=cve-2026-6973%2B&data_set=count&scale=log&auto_update=on\nCVE-2026-6973 patch tracker:https://dashboard.shadowserver.org/statistics/combined/time-series/?date_range=7&source=http_vulnerable&source=http_vulnerable6&tag=cve-2026-6973%2B&dataset=unique_ips&limit=100&group_by=geo&stacking=stacked&auto_update=on", "creation_timestamp": "2026-05-11T10:38:17.291277Z"} 2026-05-11T10:38:17.291277+00:00 https://vulnerability.circl.lu/sighting/0e85a05f-bbf0-4b3d-81b1-d35f8475437d/export 2026-05-31T14:40:50.375392+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0e85a05f-bbf0-4b3d-81b1-d35f8475437d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mll4n3hlc42d", "content": "Ivanti EPMM: 3rd zero-day in 5 months. CVE-2026-6973 exploited before disclosure. CISA KEV deadline: May 10. 508 European instances exposed.\nDidn't rotate admin credentials after January? Ivanti says you're at higher risk. \n\nPatch now: 12.8.0.1. \u2757 \n\n#Ivanti #ZeroDay #MDM", "creation_timestamp": "2026-05-11T11:00:05.589746Z"} 2026-05-11T11:00:05.589746+00:00 https://vulnerability.circl.lu/sighting/a4ffa3f6-b53c-4ce3-b8a0-54f68a252e25/export 2026-05-31T14:40:50.375317+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a4ffa3f6-b53c-4ce3-b8a0-54f68a252e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mly2ees4ax24", "content": "Ivanti EPMM Zero-Day Under Active Exploitation: CISA Adds CVE-2026-6973 to KEV Catalog", "creation_timestamp": "2026-05-16T14:25:42.452860Z"} 2026-05-16T14:25:42.452860+00:00 https://vulnerability.circl.lu/sighting/0a9df394-a97a-4e91-81f5-c58834ff7eed/export 2026-05-31T14:40:50.375239+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0a9df394-a97a-4e91-81f5-c58834ff7eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mma5zxgbck2w", "content": "CISA Adds One Known Exploited Vulnerability to Catalog\nRelease Date May 07, 2026\n\nCVE-2026-6973 Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability", "creation_timestamp": "2026-05-19T19:51:06.787618Z"} 2026-05-19T19:51:06.787618+00:00 https://vulnerability.circl.lu/sighting/124dd90f-ad76-48ff-9994-10f3a0d168d2/export 2026-05-31T14:40:50.375155+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "124dd90f-ad76-48ff-9994-10f3a0d168d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mma64cuqy22w", "content": "\u7c73\u56fd\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001Ivanti Endpoint Manager Mobile\uff08EPMM\uff09\u306e\u8106\u5f31\u6027\u3092\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3057\u305f\u3002\n\n\u7c73\u56fd\u306e\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f \u3001Ivanti Endpoint Manager Mobile\uff08EPMM\uff09\u306e\u8106\u5f31\u6027\uff08CVE-2026-6973\u3001CVSS\u30b9\u30b3\u30a27.1\uff09\u3092\u3001 \u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\uff08KEV\uff09\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3057\u307e\u3057\u305f\u3002\n\nIvanti\u306f\u3001Endpoint Manager Mobile\u306b\u5b58\u5728\u3059\u308b\u3001CVE-2026-6973\u3068\u3057\u3066\u8ffd\u8de1...", "creation_timestamp": "2026-05-19T19:52:40.001094Z"} 2026-05-19T19:52:40.001094+00:00 https://vulnerability.circl.lu/sighting/c10fba74-15fc-4b7a-b167-0dd66a9f00ec/export 2026-05-31T14:40:50.375074+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "c10fba74-15fc-4b7a-b167-0dd66a9f00ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mmadew4mgc22", "content": "Ivanti\u306f\u3001\u6a19\u7684\u578b\u653b\u6483\u3067\u5229\u7528\u3055\u308c\u305fEPMM\u30bc\u30ed\u30c7\u30a4\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3057\u307e\u3057\u305f\n\nIvanti\u306f\u6728\u66dc\u65e5\u306b\u3001Endpoint Manager Mobile\uff08EPMM\uff09\u88fd\u54c1\u5411\u3051\u306e2026\u5e745\u6708\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u516c\u958b\u3057\u3001\u6a19\u7684\u578b\u653b\u6483\u3067\u60aa\u7528\u3055\u308c\u305f\u30bc\u30ed\u30c7\u30a4\u8106\u5f31\u6027\u3092\u542b\u30805\u3064\u306e\u8106\u5f31\u6027\u306b\u5bfe\u51e6\u3057\u307e\u3057\u305f\u3002\n\n\u60aa\u7528\u3055\u308c\u305f\u6b20\u9665\u306f CVE-2026-6973 \u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u304a\u308a\u3001\u9ad8\u5ea6\u306b\u91cd\u5927\u5ea6\u306e\u4e0d\u9069\u5207\u306a\u5165\u529b\u691c\u8a3c\u554f\u984c\u3067\u3042\u308a\u3001\u7ba1\u7406\u8005\u6a29\u9650\u3092\u6301\u3064\u8a8d\u8a3c\u6e08\u307f\u306e\u653b\u6483\u8005\u306b\u3088\u3063\u3066\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306b\u5229\u7528\u3055\u308c\u5f97\u307e\u3059\u3002\n\nIvanti\u306f\u3001CVE-2026-6973\u3092\u60aa\u7528\u3059\u308b\u653b\u6483\u3067\u6a19\u7684\u306b\u3055\u308c\u3066\u3044\u308b\u300c\u975e\u5e38\u306b\u9650\u3089\u308c\u305f\u9867\u5ba2\u300d\u306e\u6570\u3092\u8a8d\u8b58\u3057\u3066\u3044\u308b\u2026", "creation_timestamp": "2026-05-19T21:26:47.793818Z"} 2026-05-19T21:26:47.793818+00:00 https://vulnerability.circl.lu/sighting/aa271fa6-d8d7-400f-b116-368b10d94e75/export 2026-05-31T14:40:50.374980+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "aa271fa6-d8d7-400f-b116-368b10d94e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/clankussy.abu.guru/post/3mmazijswu22s", "content": "Ivanti EPMM zero-day under active attack gives hackers full admin access. Enterprise mobile security completely compromised\u2014device management tools turned into attack vectors. \ud83d\udcf1\ud83d\udd13\\n\\nSource: https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html", "creation_timestamp": "2026-05-20T04:02:28.663768Z"} 2026-05-20T04:02:28.663768+00:00 https://vulnerability.circl.lu/sighting/f864a0d3-5061-4fe2-aec7-b724fad918bf/export 2026-05-31T14:40:50.374834+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "f864a0d3-5061-4fe2-aec7-b724fad918bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mmhbv3vu6k24", "content": "Ivanti EPMM Zero-Day CVE-2026-6973: Actively Exploited \u2014 Patch Now\n\nIvanti Endpoint Manager Mobile (EPMM) zero-day CVE-2026-6973 actively exploited by nation-state actors. CISA KEV listed wi...\n\n\ud83d\udd17 https://ipsec.live/blog/2026-05-22-ivanti-epmm-zero-day-cve-2026-6973\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-22T15:48:35.012848Z"} 2026-05-22T15:48:35.012848+00:00 https://vulnerability.circl.lu/sighting/d244c907-cf41-43e4-af49-0e8fff03d607/export 2026-05-31T14:40:50.372363+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d244c907-cf41-43e4-af49-0e8fff03d607", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6973", "type": "seen", "source": "https://bsky.app/profile/cpfcoaching.bsky.social/post/3mmjlkk457c2r", "content": "The May 2026 threat landscape is harsh, with Ivanti zero-day exploits (CVE-2026-6973) and a surge in CIPA pixel lawsuits. Leaders must act now. Read the briefing on securing operations against AI and legal risks. #CyberSecurity #InfoSec #Privacy open.substack.com/pub/cpfcoach...", "creation_timestamp": "2026-05-23T13:47:01.107693Z"} 2026-05-23T13:47:01.107693+00:00