{"vulnerability": "CVE-2026-10520", "sightings": [{"uuid": "48072de8-4a82-4199-a97e-557345b292c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-567", "content": "", "creation_timestamp": "2026-06-09T08:30:20.000000Z"}, {"uuid": "3402cef9-aa51-41ec-aad2-3ec5d225e0f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/536dbd2e-9793-4c4b-bc54-a21fd7e60e65", "content": "", "creation_timestamp": "2026-06-10T04:44:07.374229Z"}, {"uuid": "b8d465bc-8224-4b04-b2dd-6c67a8b2665c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mnvjntpmiv2t", "content": "We're back - analyzing CVE-2026-10520, a Pre-Auth RCE in Ivanti's confusingly named Sentry product.\n\nEnjoy!\nhttps://t.co/efAfOc56OK\n\n\u2014 from @watchtowrcyber (https://x.com/watchtowrcyber/status/2064511364375179457)", "creation_timestamp": "2026-06-10T01:10:10.267254Z"}, {"uuid": "baac9cc6-b477-47a9-bd14-ada8290c47e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3mnvkhko6hr26", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs", "creation_timestamp": "2026-06-10T01:24:32.755113Z"}, {"uuid": "fe1da3ee-3bdd-4096-aead-e7d9917b7a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/116724727198447267", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "creation_timestamp": "2026-06-10T07:53:11.200323Z"}, {"uuid": "c1463f51-babd-46eb-825e-91d973ae6cc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520", "content": "", "creation_timestamp": "2026-06-09T20:34:10.439000Z"}, {"uuid": "9171c618-3d38-4954-aaa1-1fab7e064ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnvu3fz7q22z", "content": "~Watchtowr~\nCVE-2026-10520 is a critical pre-auth OS command injection in Ivanti Sentry allowing root-level RCE.\n-\nIOCs: (None identified)\n-\n#CVE202610520 #Ivanti #ThreatIntel", "creation_timestamp": "2026-06-10T04:16:42.475711Z"}, {"uuid": "7f1f1d23-9138-40cc-a87d-536b38697a34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-10520.yaml", "content": "", "creation_timestamp": "2026-06-10T02:16:48.000000Z"}, {"uuid": "246162fb-e716-4d11-b5e1-07fe0f961841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mnviyh7lkg2h", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs", "creation_timestamp": "2026-06-10T00:58:12.331378Z"}, {"uuid": "a93e6f38-7897-404f-967b-6b93ae49feb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/tyden.bsky.social/post/3mnwcus6ljq2o", "content": "Spole\u010dnost Ivanti vydala opravy pro dv\u011b kritick\u00e9 zranitelnosti ve sv\u00e9m \u0159e\u0161en\u00ed Sentry, v\u010detn\u011b maxim\u00e1ln\u011b z\u00e1va\u017en\u00e9 chyby CVE-2026-10520", "creation_timestamp": "2026-06-10T08:41:27.123793Z"}, {"uuid": "116fc7a3-9a7c-4b5a-96aa-4b6ca598e084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnw4exs6dr2l", "content": "Ivanti patched two critical Sentry flaws, including CVE-2026-10520, a max-severity command injection that could allow root code execution, and CVE-2026-10523, an auth bypass for rogue admin access. #Ivanti #Sentry #CVE202610520", "creation_timestamp": "2026-06-10T06:45:13.832223Z"}, {"uuid": "dc21a26b-dca6-4422-adeb-3212b9c9c150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/obivan.infosec.exchange.ap.brid.gy/post/3mnwaeizy7e42", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "creation_timestamp": "2026-06-10T07:58:23.409158Z"}, {"uuid": "71c1021b-de07-4b24-88a1-178237c13b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "content": "", "creation_timestamp": "2026-06-10T09:08:29.979690Z"}, {"uuid": "779a6ebf-7ddb-4ff5-ab23-7436d33c3068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://www.acn.gov.it/portale/w/ivanti-june-security-update-1", "content": "Rilasciati gli aggiornamenti di sicurezza di giugno che risolvono 4 nuove vulnerabilit\u00e0, di cui due con gravit\u00e0 \u201ccritica\u201d e due con gravit\u00e0 \u201calta\u201d, in diversi prodotti Ivanti. Tra queste, si evidenzia la CVE-2026-10520, per la quale risulta disponibile un Proof of Concept (PoC) in rete.", "creation_timestamp": "2026-06-10T07:18:20.000000Z"}, {"uuid": "bff82bdf-e39d-4d9e-825f-76b857994304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116725277445928014", "content": "Some increased actor activities are shown targeting Ivanti Sentry (CVE-2026-10520) https://vuldb.com/vuln/369559/cti", "creation_timestamp": "2026-06-10T10:13:08.354004Z"}, {"uuid": "7123ec77-73bc-4895-99cd-a75acf5a90ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3mnwjorn6h22a", "content": "\ud83d\udea8 CVE-2026-10520, a critical CVSS 10 OS Command Injection vuln in Ivanti Sentry is now under active exploitation as reported by Defused \n\nScan infrastructure to see if you're vulnerable:\ngithub.com/rxerium/rxer...\n\nPatches are available as per Ivanti's advisory:\nhub.ivanti.com/s/article/Se...", "creation_timestamp": "2026-06-10T10:43:22.594330Z"}, {"uuid": "7ac053f9-92fa-4d8c-b731-ed01aee65f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mnwkyeuu2326", "content": "\ud83d\udea8 CISA KEV [CVSS 10.0 \u00b7 CRITICAL]\nCVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry\n\nhttps://www.rapid7.com/blog/post/etr-cve-2026-10520-cve-2026-10523-multiple-critical-vulnerabilities-affecting-ivanti-sentry\n\n#CISA #KEV #PatchNow", "creation_timestamp": "2026-06-10T11:06:36.593406Z"}, {"uuid": "10ed1524-952c-4460-b36b-d5df5d1a05ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnwpws6bag2b", "content": "~Certeu~\nIvanti Sentry vulnerabilities (CVE-2026-10520, CVE-2026-10523) allow unauthenticated RCE and admin access.\n-\nIOCs: CVE-2026-10520, CVE-2026-10523\n-\n#CVE202610520 #Ivanti #ThreatIntel", "creation_timestamp": "2026-06-10T12:35:12.401656Z"}, {"uuid": "d4286a2a-0ddf-4c9c-b78b-a7076bcf4163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnwsmcx3rw2b", "content": "Ivanti Sentry\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027\u3001root\u6a29\u9650\u3067\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b\uff08CVE-2026-10520\uff09\n\nIvanti\u306f\u3001Ivanti Sentry\u306b\u5b58\u5728\u3059\u308b2\u4ef6\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\uff08CVE-2026-10520\u304a\u3088\u3073CVE-2026-10523\uff09\u306b\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3057\u3001\u9867\u5ba2\u306b\u5bfe\u3057\u3066\u76f4\u3061\u306b\u4fee\u6b63\u3092\u5b9f\u65bd\u3059\u308b\u3088\u3046\u547c\u3073\u304b\u3051\u3066\u3044\u307e\u3059\u3002 \u3053\u308c\u3089\u306e\u8106\u5f31\u6027\u304c\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u305f\u3068\u3044\u3046\u60c5\u5831\u306f\u73fe\u6642\u70b9\u3067\u306f\u78ba\u8a8d\u3055\u308c\u3066\u3044\u307e\u305b\u3093\u304c\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u7814", "creation_timestamp": "2026-06-10T13:23:02.286130Z"}, {"uuid": "8d463f2d-4c3a-4718-ab47-5384b5ab30c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mnwrwkfq5k2z", "content": "Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/06/10/i...\n\n#cybersecurity #cyebrsecuritynews #enterprise #gateway #vulnerability", "creation_timestamp": "2026-06-10T13:10:56.733986Z"}, {"uuid": "942363ad-6c73-464b-bfcd-f238bdd74b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnws6kyyvj2e", "content": "\ud83d\udd17 CVE : CVE-2026-6973, CVE-2026-10520, CVE-2026-10520, CVE-2026-10523, CVE-2026-10727, CVE-2026-6973", "creation_timestamp": "2026-06-10T13:15:20.779819Z"}, {"uuid": "2370a764-6863-41ea-acfc-d76be04bce45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://www.cert.se/2026/06/patchtisdag-juni-2026-samlad-information-om-manadens-sakerhetsuppdateringar.html", "content": "", "creation_timestamp": "2026-06-10T05:00:00.000000Z"}, {"uuid": "d5c4f48b-bf1d-459a-8857-d57b2b11e2cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnwxlwyxbs2t", "content": "Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)\n\nwww.helpnetsecurity.com/2026/06/10/i...\n\n#Kyberturvallisuus #LaajaVaikutus #Haavoittuvuus", "creation_timestamp": "2026-06-10T14:54:27.003821Z"}, {"uuid": "4febac55-fcc5-44af-9c5b-897d7e4af9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3mnwstvzuss2g", "content": "\ud83d\udea8 On June 9, 2026, #Ivanti published a security advisory for 2 critical vulnerabilities affecting Ivanti Sentry (FKA MobileIron Sentry).\n\nCVE-2026-10520 (CVSS 10.0) is an OS command injection vuln, and CVE-2026-10523 (CVSS 9.9) is an authentication bypass vuln.\n\nRead on: r-7.co/4arpQHd", "creation_timestamp": "2026-06-10T13:27:17.303229Z"}, {"uuid": "c2247571-ac4d-4341-bcbd-09fe819f5c8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116726949500340282", "content": "\ud83d\udcf0 Ivanti Patches Critical Sentry Flaws Allowing Root-Level RCE\n\u26a0\ufe0f CRITICAL: Ivanti patches two severe flaws in Sentry, including a root-level unauthenticated RCE (CVE-2026-10520). Technical details are public, exploitation risk is high. Patch immediately! #Ivanti #Vulnerability #RCE #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/ivanti-sentry-critical-vulnerabilities-allow-root-rce/?utm_source=mastodon&amp;utm_medium=social&amp;utm_campaign=daily", "creation_timestamp": "2026-06-10T17:18:54.810607Z"}, {"uuid": "4d913a31-854e-4532-be61-e0e5bc10b626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mnx7sbkzl52g", "content": "\u26a0\ufe0f CRITICAL: Ivanti patches two severe flaws in Sentry, including a root-level unauthenticated RCE (CVE-2026-10520). Technical details are public, exploitation risk is high. Patch immediately! #Ivanti #Vulnerability #RCE #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-10T17:19:00.939712Z"}, {"uuid": "979a20be-8043-4fb2-a81d-ba858bfad9a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://www.ncsc.nl/alerts/verhoogde-kans-op-misbruik-van-ivanti-sentry-kwetsbaarheden", "content": "", "creation_timestamp": "2026-06-10T04:00:31.000000Z"}, {"uuid": "10c1fb26-f886-451f-b3b0-1a29d6087f97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mnxaehkw7l25", "content": "CVE-2026-10520, a critical (CVSS 10.0) OS Command Injection vulnerability\u00a0in Ivanti\u00a0Sentry is now under active exploitation as reported by \n@DefusedCyber\n \n\nScan infrastructure to see if you're vulnerable:\u2026\n\n\ud83d\udd01 RT @rxerium | reposted by @silascutler\nhttps://x.com/rxerium/status/2064659435956375874", "creation_timestamp": "2026-06-10T17:29:11.433034Z"}, {"uuid": "1f281d83-4c5e-4dda-b651-4f4eda8566dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mnxbrsgyvi2d", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs", "creation_timestamp": "2026-06-10T17:54:55.241921Z"}, {"uuid": "f7a2966a-613e-4603-8f01-7d1598e47e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mnxjknfsrc2k", "content": "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to Saudi NCA for the tip!). However, all remaining likely compromised too.", "creation_timestamp": "2026-06-10T20:13:45.663938Z"}, {"uuid": "2e6896c4-a16c-4294-b13b-5b9e832f3ac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mnxjkqanyk2k", "content": "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to Saudi NCA for the tip!). However, all remaining likely compromised too.", "creation_timestamp": "2026-06-10T20:13:46.692774Z"}, {"uuid": "ff6fdf4d-43e9-46ee-9283-7c9948d4a3aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mnxjkqapx22k", "content": "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to Saudi NCA for the tip!). However, all remaining likely compromised too.", "creation_timestamp": "2026-06-10T20:13:48.149232Z"}, {"uuid": "5c408299-2681-489c-a46f-610387aff0d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mnxkrgqk6z2r", "content": "On June 9, 2026, Ivanti disclosed two critical vulnerabilities in Ivanti Sentry: CVE-2026-10520 (OS command injection, CVSS 10.0) and CVE-2026-10523 (authentication bypass, CVSS 9.9). Both allow remote unauthenticated attackers to execute commands and gain administrative access.", "creation_timestamp": "2026-06-10T20:35:23.850021Z"}]}