Ivanti Sentry pre-auth RCE (CVE-2026-10520) – CVSS 10.0, public PoC, CISA KEV

Vulnerabilities & Exploits, Security(hellorecon.com)view on HackerNews

Ivanti SentryCVE-2026-10520OS command injectionRCEsecurity patchremediation deadline

Author: slvnx

Date: 6/11/2026

Article Summary:

Ivanti Sentry contains a maximum-severity vulnerability (CVE-2026-10520) allowing remote attackers to execute code as root due to unauthenticated OS command injection.