[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:max-severity-ivanti-sentry-vulnerability-now-exploited-in-attacks-mqb4c6ct":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":13,"action_required":16,"article_ids":17,"ioc_summary":19,"source_urls":20,"status":22,"expires_at":23,"created_at":24,"updated_at":25,"articles":26},"9a5565e2-dc72-4323-b6e8-35d0bdecf422","Max severity Ivanti Sentry vulnerability now exploited in attacks","max-severity-ivanti-sentry-vulnerability-now-exploited-in-attacks-mqb4c6ct","Attackers are actively exploiting CVE-2026-10520, a maximum-severity OS command injection flaw in Ivanti Sentry security gateways. This vulnerability allows unauthenticated remote code execution with root privileges on internet-exposed instances. Many appliances were backdoored immediately after Ivanti released patches, indicating widespread active exploitation.","critical","advisory",[12],"CVE-2026-10520",[14,15],"Ivanti Sentry","Ivanti","Immediately identify all Ivanti Sentry appliances in your environment. Patch to the latest version without delay and audit for signs of compromise. Check firewall and VPN logs for suspicious access to these gateways and scan for web shells or persistence mechanisms.",[18],"f1803301-c1e4-45ef-8b39-fed98903119e",null,[21],"https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fmax-severity-ivanti-sentry-vulnerability-now-exploited-in-attacks\u002F","active","2026-06-14T16:06:02.649+00:00","2026-06-12T16:06:05.435016+00:00","2026-06-12T16:06:08.572028+00:00",[27],{"id":18,"title":6,"url":21}]