Ivanti has warned of a high-severity vulnerability in Endpoint Manager Mobile (CVSS 7.2) that allows authenticated attackers to execute remote code. The flaw, tracked as CVE-2026-6973, affects multiple versions and has already been exploited in limited attacks in the wild, prompting the vendor to urge immediate patching.