Your refresh plan has a CVE blind spotThe conversation is straightforward, but the problem behind it is not. The customer bought servers in 2017 and typically refresh every five to six years. Generally, around the 2022 to 2023 timeframe, they would have looked to buy new. Historically, that is what would have happene…
KEVCSOONLINE.COM — 08 May 2026
🚨
CVE-2026-6973: Authenticated Admin RCE In Ivanti EPMM Added to CISA KEVCVE-2026-6973: Authenticated Admin RCE In Ivanti EPMM Added to CISA KEV Ivanti has patched CVE-2026-6973, a high-severity remote code execution (RCE) vulnerability affecting Ivanti Endpoint Manager Mobile (EPMM) on-prem deployments. The vulnerability has been exploited in the wil…
KEVSOCRADAR.IO — 08 May 2026
🚨
Why the approaching flood of vulnerabilities changes everything — and what to do about itAI-driven discovery, NIST’s retreat from universal enrichment, and the end of “good enough” vulnerability management Key takeaways AI-driven discovery tools are accelerating CVE volume, resulting in an expected deluge of 59,000 disclosed vulnerabilities this year. NIST has…
Five new holes, one exploited, found in Ivanti Endpoint Manager MobileThe five new vulnerabilities discovered in Ivanti’s on-premises mobile endpoint management solution are a “classic example of the legacy trap” that CSOs must avoid, says an expert. “Patch today to survive the weekend,” said Robert Enderle of the Enderle Group, “but start planning…