{"vulnerability": "CVE-2026-10520", "sightings": [{"uuid": "b8d465bc-8224-4b04-b2dd-6c67a8b2665c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mnvjntpmiv2t", "content": "We're back - analyzing CVE-2026-10520, a Pre-Auth RCE in Ivanti's confusingly named Sentry product.\n\nEnjoy!\nhttps://t.co/efAfOc56OK\n\n\u2014 from @watchtowrcyber (https://x.com/watchtowrcyber/status/2064511364375179457)", "creation_timestamp": "2026-06-10T01:10:10.267254Z"}, {"uuid": "48072de8-4a82-4199-a97e-557345b292c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-567", "content": "", "creation_timestamp": "2026-06-09T08:30:20.000000Z"}, {"uuid": "246162fb-e716-4d11-b5e1-07fe0f961841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mnviyh7lkg2h", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs", "creation_timestamp": "2026-06-10T00:58:12.331378Z"}, {"uuid": "baac9cc6-b477-47a9-bd14-ada8290c47e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3mnvkhko6hr26", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs", "creation_timestamp": "2026-06-10T01:24:32.755113Z"}, {"uuid": "3402cef9-aa51-41ec-aad2-3ec5d225e0f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/536dbd2e-9793-4c4b-bc54-a21fd7e60e65", "content": "", "creation_timestamp": "2026-06-10T04:44:07.374229Z"}, {"uuid": "7f1f1d23-9138-40cc-a87d-536b38697a34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-10520.yaml", "content": "", "creation_timestamp": "2026-06-10T02:16:48.000000Z"}, {"uuid": "c1463f51-babd-46eb-825e-91d973ae6cc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520", "content": "", "creation_timestamp": "2026-06-09T20:34:10.439000Z"}, {"uuid": "9171c618-3d38-4954-aaa1-1fab7e064ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnvu3fz7q22z", "content": "~Watchtowr~\nCVE-2026-10520 is a critical pre-auth OS command injection in Ivanti Sentry allowing root-level RCE.\n-\nIOCs: (None identified)\n-\n#CVE202610520 #Ivanti #ThreatIntel", "creation_timestamp": "2026-06-10T04:16:42.475711Z"}, {"uuid": "a93e6f38-7897-404f-967b-6b93ae49feb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/tyden.bsky.social/post/3mnwcus6ljq2o", "content": "Spole\u010dnost Ivanti vydala opravy pro dv\u011b kritick\u00e9 zranitelnosti ve sv\u00e9m \u0159e\u0161en\u00ed Sentry, v\u010detn\u011b maxim\u00e1ln\u011b z\u00e1va\u017en\u00e9 chyby CVE-2026-10520", "creation_timestamp": "2026-06-10T08:41:27.123793Z"}, {"uuid": "116fc7a3-9a7c-4b5a-96aa-4b6ca598e084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnw4exs6dr2l", "content": "Ivanti patched two critical Sentry flaws, including CVE-2026-10520, a max-severity command injection that could allow root code execution, and CVE-2026-10523, an auth bypass for rogue admin access. #Ivanti #Sentry #CVE202610520", "creation_timestamp": "2026-06-10T06:45:13.832223Z"}, {"uuid": "71c1021b-de07-4b24-88a1-178237c13b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "content": "", "creation_timestamp": "2026-06-10T09:08:29.979690Z"}, {"uuid": "fe1da3ee-3bdd-4096-aead-e7d9917b7a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/116724727198447267", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "creation_timestamp": "2026-06-10T07:53:11.200323Z"}, {"uuid": "dc21a26b-dca6-4422-adeb-3212b9c9c150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/obivan.infosec.exchange.ap.brid.gy/post/3mnwaeizy7e42", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "creation_timestamp": "2026-06-10T07:58:23.409158Z"}, {"uuid": "d4286a2a-0ddf-4c9c-b78b-a7076bcf4163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnwsmcx3rw2b", "content": "Ivanti Sentry\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027\u3001root\u6a29\u9650\u3067\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b\uff08CVE-2026-10520\uff09\n\nIvanti\u306f\u3001Ivanti Sentry\u306b\u5b58\u5728\u3059\u308b2\u4ef6\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\uff08CVE-2026-10520\u304a\u3088\u3073CVE-2026-10523\uff09\u306b\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3057\u3001\u9867\u5ba2\u306b\u5bfe\u3057\u3066\u76f4\u3061\u306b\u4fee\u6b63\u3092\u5b9f\u65bd\u3059\u308b\u3088\u3046\u547c\u3073\u304b\u3051\u3066\u3044\u307e\u3059\u3002 \u3053\u308c\u3089\u306e\u8106\u5f31\u6027\u304c\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u305f\u3068\u3044\u3046\u60c5\u5831\u306f\u73fe\u6642\u70b9\u3067\u306f\u78ba\u8a8d\u3055\u308c\u3066\u3044\u307e\u305b\u3093\u304c\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u7814", "creation_timestamp": "2026-06-10T13:23:02.286130Z"}, {"uuid": "779a6ebf-7ddb-4ff5-ab23-7436d33c3068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://www.acn.gov.it/portale/w/ivanti-june-security-update-1", "content": "Rilasciati gli aggiornamenti di sicurezza di giugno che risolvono 4 nuove vulnerabilit\u00e0, di cui due con gravit\u00e0 \u201ccritica\u201d e due con gravit\u00e0 \u201calta\u201d, in diversi prodotti Ivanti. Tra queste, si evidenzia la CVE-2026-10520, per la quale risulta disponibile un Proof of Concept (PoC) in rete.", "creation_timestamp": "2026-06-10T07:18:20.000000Z"}, {"uuid": "bff82bdf-e39d-4d9e-825f-76b857994304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116725277445928014", "content": "Some increased actor activities are shown targeting Ivanti Sentry (CVE-2026-10520) https://vuldb.com/vuln/369559/cti", "creation_timestamp": "2026-06-10T10:13:08.354004Z"}, {"uuid": "7123ec77-73bc-4895-99cd-a75acf5a90ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3mnwjorn6h22a", "content": "\ud83d\udea8 CVE-2026-10520, a critical CVSS 10 OS Command Injection vuln in Ivanti Sentry is now under active exploitation as reported by Defused \n\nScan infrastructure to see if you're vulnerable:\ngithub.com/rxerium/rxer...\n\nPatches are available as per Ivanti's advisory:\nhub.ivanti.com/s/article/Se...", "creation_timestamp": "2026-06-10T10:43:22.594330Z"}, {"uuid": "7ac053f9-92fa-4d8c-b731-ed01aee65f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mnwkyeuu2326", "content": "\ud83d\udea8 CISA KEV [CVSS 10.0 \u00b7 CRITICAL]\nCVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry\n\nhttps://www.rapid7.com/blog/post/etr-cve-2026-10520-cve-2026-10523-multiple-critical-vulnerabilities-affecting-ivanti-sentry\n\n#CISA #KEV #PatchNow", "creation_timestamp": "2026-06-10T11:06:36.593406Z"}, {"uuid": "8d463f2d-4c3a-4718-ab47-5384b5ab30c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mnwrwkfq5k2z", "content": "Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/06/10/i...\n\n#cybersecurity #cyebrsecuritynews #enterprise #gateway #vulnerability", "creation_timestamp": "2026-06-10T13:10:56.733986Z"}, {"uuid": "4febac55-fcc5-44af-9c5b-897d7e4af9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3mnwstvzuss2g", "content": "\ud83d\udea8 On June 9, 2026, #Ivanti published a security advisory for 2 critical vulnerabilities affecting Ivanti Sentry (FKA MobileIron Sentry).\n\nCVE-2026-10520 (CVSS 10.0) is an OS command injection vuln, and CVE-2026-10523 (CVSS 9.9) is an authentication bypass vuln.\n\nRead on: r-7.co/4arpQHd", "creation_timestamp": "2026-06-10T13:27:17.303229Z"}, {"uuid": "942363ad-6c73-464b-bfcd-f238bdd74b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnws6kyyvj2e", "content": "\ud83d\udd17 CVE : CVE-2026-6973, CVE-2026-10520, CVE-2026-10520, CVE-2026-10523, CVE-2026-10727, CVE-2026-6973", "creation_timestamp": "2026-06-10T13:15:20.779819Z"}, {"uuid": "2370a764-6863-41ea-acfc-d76be04bce45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://www.cert.se/2026/06/patchtisdag-juni-2026-samlad-information-om-manadens-sakerhetsuppdateringar.html", "content": "", "creation_timestamp": "2026-06-10T05:00:00.000000Z"}, {"uuid": "10ed1524-952c-4460-b36b-d5df5d1a05ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnwpws6bag2b", "content": "~Certeu~\nIvanti Sentry vulnerabilities (CVE-2026-10520, CVE-2026-10523) allow unauthenticated RCE and admin access.\n-\nIOCs: CVE-2026-10520, CVE-2026-10523\n-\n#CVE202610520 #Ivanti #ThreatIntel", "creation_timestamp": "2026-06-10T12:35:12.401656Z"}, {"uuid": "1f281d83-4c5e-4dda-b651-4f4eda8566dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mnxbrsgyvi2d", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs", "creation_timestamp": "2026-06-10T17:54:55.241921Z"}, {"uuid": "979a20be-8043-4fb2-a81d-ba858bfad9a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://www.ncsc.nl/alerts/verhoogde-kans-op-misbruik-van-ivanti-sentry-kwetsbaarheden", "content": "", "creation_timestamp": "2026-06-10T04:00:31.000000Z"}, {"uuid": "c2247571-ac4d-4341-bcbd-09fe819f5c8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116726949500340282", "content": "\ud83d\udcf0 Ivanti Patches Critical Sentry Flaws Allowing Root-Level RCE\n\u26a0\ufe0f CRITICAL: Ivanti patches two severe flaws in Sentry, including a root-level unauthenticated RCE (CVE-2026-10520). Technical details are public, exploitation risk is high. Patch immediately! #Ivanti #Vulnerability #RCE #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/ivanti-sentry-critical-vulnerabilities-allow-root-rce/?utm_source=mastodon&utm_medium=social&utm_campaign=daily", "creation_timestamp": "2026-06-10T17:18:54.810607Z"}, {"uuid": "4d913a31-854e-4532-be61-e0e5bc10b626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mnx7sbkzl52g", "content": "\u26a0\ufe0f CRITICAL: Ivanti patches two severe flaws in Sentry, including a root-level unauthenticated RCE (CVE-2026-10520). Technical details are public, exploitation risk is high. Patch immediately! #Ivanti #Vulnerability #RCE #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-10T17:19:00.939712Z"}, {"uuid": "10c1fb26-f886-451f-b3b0-1a29d6087f97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mnxaehkw7l25", "content": "CVE-2026-10520, a critical (CVSS 10.0) OS Command Injection vulnerability\u00a0in Ivanti\u00a0Sentry is now under active exploitation as reported by \n@DefusedCyber\n \n\nScan infrastructure to see if you're vulnerable:\u2026\n\n\ud83d\udd01 RT @rxerium | reposted by @silascutler\nhttps://x.com/rxerium/status/2064659435956375874", "creation_timestamp": "2026-06-10T17:29:11.433034Z"}, {"uuid": "4f652402-bc24-45ff-b18f-1fb287bf06b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/sambowne.infosec.exchange.ap.brid.gy/post/3mnxpsjhllms2", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "creation_timestamp": "2026-06-10T22:05:35.306903Z"}, {"uuid": "d5c4f48b-bf1d-459a-8857-d57b2b11e2cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnwxlwyxbs2t", "content": "Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)\n\nwww.helpnetsecurity.com/2026/06/10/i...\n\n#Kyberturvallisuus #LaajaVaikutus #Haavoittuvuus", "creation_timestamp": "2026-06-10T14:54:27.003821Z"}, {"uuid": "f7a2966a-613e-4603-8f01-7d1598e47e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mnxjknfsrc2k", "content": "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to Saudi NCA for the tip!). However, all remaining likely compromised too.", "creation_timestamp": "2026-06-10T20:13:45.663938Z"}, {"uuid": "2e6896c4-a16c-4294-b13b-5b9e832f3ac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mnxjkqanyk2k", "content": "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to Saudi NCA for the tip!). However, all remaining likely compromised too.", "creation_timestamp": "2026-06-10T20:13:46.692774Z"}, {"uuid": "ff6fdf4d-43e9-46ee-9283-7c9948d4a3aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mnxjkqapx22k", "content": "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to Saudi NCA for the tip!). However, all remaining likely compromised too.", "creation_timestamp": "2026-06-10T20:13:48.149232Z"}, {"uuid": "07f82b1b-c71d-4b24-9003-7a9784e4eb3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mnxyiljcqp2h", "content": "Ivanti Sentry\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30eb\u30fc\u30c8\u6a29\u9650\u3067\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b\u306a\u308b\uff08CVE-2026-10520\uff09 \n\nCritical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)  #HelpNetSecurity (Jun 10)\n\nwww.helpnetsecurity.com/2026/06/10/i...", "creation_timestamp": "2026-06-11T00:40:58.913952Z"}, {"uuid": "5c408299-2681-489c-a46f-610387aff0d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mnxkrgqk6z2r", "content": "On June 9, 2026, Ivanti disclosed two critical vulnerabilities in Ivanti Sentry: CVE-2026-10520 (OS command injection, CVSS 10.0) and CVE-2026-10523 (authentication bypass, CVSS 9.9). Both allow remote unauthenticated attackers to execute commands and gain administrative access.", "creation_timestamp": "2026-06-10T20:35:23.850021Z"}, {"uuid": "01546d26-08d5-4aee-905a-ad414aac6b43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnymtuoody2r", "content": "Active attacks target CVE-2026-10520, a max-severity Ivanti Sentry command injection flaw that can grant root code execution on exposed gateways. Fixes are available. #Ivanti #Sentry #CVE202610520", "creation_timestamp": "2026-06-11T06:45:12.609139Z"}, {"uuid": "a86f885a-9226-4933-a56a-0bbd4659542d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mny6npocp42d", "content": "Top 3 CVE for last 7 days:\nCVE-2025-10263: 24 interactions\nCVE-2026-11645: 23 interactions\nCVE-2015-5119: 20 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2025-10263: 22 interactions\nCVE-2026-10520: 17 interactions\nCVE-2026-52884: 7 interactions\n", "creation_timestamp": "2026-06-11T02:31:14.400232Z"}, {"uuid": "bae397c1-3de6-4afb-87f9-caa6ee15cfb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mnyonvr6ai2v", "content": "Ivanti Sentry users: Your max-severity vulnerability (CVE-2026-10520) is being actively exploited. Shadowserver confirmed widespread compromise just hours after patches were released. Don't wait\u2014patch immediately and assume your\u2026\n\nhttps://www.tpp.blog/1hdu31o\n\n#cybersecurity #ivanti #ivantisentry", "creation_timestamp": "2026-06-11T07:17:40.988577Z"}, {"uuid": "21a30937-e00c-412f-b500-d78c2509f3c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnz2pvprxk2h", "content": "Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)\n\nIvanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities are not kn\u2026\n#hackernews #news", "creation_timestamp": "2026-06-11T10:53:32.234399Z"}, {"uuid": "c345fb6d-7d5e-4715-b9cb-431bf0904b63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://infosec.exchange/ap/users/115741367687413652/statuses/116731856878998907", "content": "Ivanti's latest perfect 10\u2014this time a preauth command injection\u2014has been confirmed exploited in the wild.\nhttps://discourse.ifin.network/t/cve-2026-10520-ivanti-sentry-preauth-command-injection-eitw/573/\n#ThreatIntel #ThreatIntelligence #IFIN", "creation_timestamp": "2026-06-11T14:47:27.370455Z"}, {"uuid": "32db3ca2-9ef2-4128-b4c5-029246d224b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnzalay2552d", "content": "Ivanti Sentry's CVE-2026-10520 is under active exploitation post-PoC release. Patch now to prevent unauthorized access. #CyberSecurity #Ivanti #Vulnerability #PatchNow #InfoSec #DataProtection thedailytechfeed.com/ivanti-sentr...", "creation_timestamp": "2026-06-11T12:38:18.776297Z"}, {"uuid": "03216cd4-cdaa-4540-9762-013317660289", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0180", "content": "Ivanti heeft twee kwetsbaarheden verholpen in Sentry. De kwetsbaarheid met kenmerk CVE-2026-10520, waarvan Ivanti een CVSS-score van 10 heeft toegekend, kan een ongeauthenticeerde kwaadwillende op afstand in staat stellen willekeurige code uitvoeren met root rechten. De kwetsbaarheid met kenmerk CVE-2026-10523, die Ivanti een CVSS score van 9.9, heeft gegeven, kan door een ongeauthenticeerde kwaadwillende op afstand worden misbruikt om administratieve accounts aan te maken.\n\nMisbruik van deze kwetsbaarheden is mogelijk, maar de randvoorwaarden die nodig zijn om deze kwetsbaarheden op afstand uit te buiten, vereisen dat een managementpoort aan het internet is ontsloten. Deze randvoorwaarden zijn niet aanwezig in standaardimplementaties van Ivanti Sentry.\n\nDe kwetsbaarheden hebben Ivanti bereikt via responsible disclosure. Momenteel vindt er, voor zover bekend, geen actief misbruik van deze kwetsbaarheden plaats en is er geen publieke PoC code beschikbaar. Het NCSC verwacht echter dat dit op korte termijn zal veranderen.", "creation_timestamp": "2026-06-11T09:11:03.000000Z"}, {"uuid": "53716490-9d14-4a30-a166-d754d2fcad08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mnzirh5ds22o", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry\nPre-Auth OS Command Injection CVE-2026-10520)\nlabs.watchtowr.com/more-evidenc...", "creation_timestamp": "2026-06-11T15:04:59.125396Z"}, {"uuid": "a0efabcb-489e-4272-9102-f9a0bfb688cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnzuz5m6cy2e", "content": "CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release", "creation_timestamp": "2026-06-11T18:43:59.663949Z"}, {"uuid": "3f1ac1fd-b2ba-44ae-b3e3-831643967d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnzvw4snv22r", "content": "CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release\n\nsecurityaffairs.com/193530/uncat...\n\n#Cybersecurity #LargeScaleImpact #Vulnerability", "creation_timestamp": "2026-06-11T19:00:12.488133Z"}, {"uuid": "e5d3dac4-6b2a-4afa-96d4-1ba9933403d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mnzwnn7thm2d", "content": "\ud83d\uded1 CVE-2026-10520\nIvanti Sentry\nCVSS 10.0 / EPSS 3% / KEV: No\nTL;DR: An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7\u2026\nhttps://cvesentinel.com/report/CVE-2026-10520?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-11T19:13:20.494587Z"}, {"uuid": "5476bcb0-15ea-4fc5-bc3e-cf06af6f55a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/ainewsdaily.news/post/3mo27ztpjd32d", "content": "\ud83d\udcf0 Ivanti Sentry pre-auth RCE (CVE-2026-10520) \u2013 CVSS 10.0, public PoC, CISA KEV\n\n#Tech #Technology #News", "creation_timestamp": "2026-06-11T22:01:13.945291Z"}, {"uuid": "930ab6cf-35d7-4228-bf4a-a2562f5343aa", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b07dd423-1f0f-42fa-90f3-a527a7ecb94a", "content": "", "creation_timestamp": "2026-06-11T20:00:02.704031Z"}, {"uuid": "49ac490d-5314-4bb6-a46d-903bb69a89c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnzzow2shf2z", "content": "Ivanti Under Siege: Critical CVE-2026-10520 Exploited Within Hours as Attackers Race Ahead of Defenders +\u00a0Video\n\nA Dangerous Reality Emerges for Ivanti Customers The cybersecurity world witnessed yet another alarming reminder of how quickly threat actors can weaponize newly disclosed\u2026", "creation_timestamp": "2026-06-11T20:07:44.912364Z"}, {"uuid": "d176458c-1c0a-4f38-94c7-8b84dee5fcd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hn100.bsky.social/post/3mo23thsi4k2r", "content": "Ivanti Sentry pre-auth RCE (CVE-2026-10520) \u2013 CVSS 10.0, public PoC, CISA KEV\n\nDiscussion", "creation_timestamp": "2026-06-11T20:46:06.176484Z"}, {"uuid": "c297d8c6-7abd-44f9-b985-ff7eaad3a69b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hnws.bsky.social/post/3mo23tkdjte2d", "content": "Ivanti Sentry pre-auth RCE (CVE-2026-10520) \u2013 CVSS 10.0, public PoC, CISA KEV\ncomments \u00b7 posted on 2026.06.11 at 15:38:42 (c=0, p=4)", "creation_timestamp": "2026-06-11T20:46:08.021408Z"}, {"uuid": "b5d22438-2c08-40dc-b6c9-cbab26bc6216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/news.karthihegde.dev/post/3mo23vdm4gn2m", "content": "Ivanti Sentry pre-auth RCE (CVE-2026-10520) \u2013 CVSS 10.0, public PoC, CISA KEV\nDiscussion | hackernews | Author: slvnx", "creation_timestamp": "2026-06-11T20:47:08.779453Z"}, {"uuid": "3dd0ca4e-96b4-4858-b080-c202a54a11ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/secdb.bsky.social/post/3mo24mw6gwu2a", "content": "\ud83d\udea8 CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0611)\n\n\u26a0\ufe0f CVE-2026-10520 - Ivanti Sentry OS Command Injection Vulnerability\n\n\n#ZEN #SecDB #InfoSec #CISA_KEV", "creation_timestamp": "2026-06-11T21:00:18.739921Z"}, {"uuid": "e88636e6-27a0-4684-8cf7-0152c2777f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mo2jiyzhah2e", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30921\u4ef6\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0  \n\nCISA Adds One Known Exploited Vulnerability to Catalog  #CISA (Jun 11)\n\nCVE-2026-10520 Ivanti Sentry OS \u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-12T00:50:46.068787Z"}, {"uuid": "f222bb7e-bfae-40ff-9112-6fc390eb3429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mo2js7koln24", "content": "CVE-2026-10520\u304c\u60aa\u7528\u3055\u308c\u307e\u3057\u305f\uff1aIvanti Sentry\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u304c\u30d1\u30c3\u30c1\u30ea\u30ea\u30fc\u30b9\u76f4\u5f8c\u306b\u4fb5\u5bb3\u3055\u308c\u307e\u3057\u305f \n\nCVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release  #SecurityAffairs (Jun 11)\n\nsecurityaffairs.com/193530/uncat...", "creation_timestamp": "2026-06-12T00:55:55.149040Z"}, {"uuid": "2523fe16-214b-4c92-8c2d-7dcf140f08b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/79a30108-df05-4aba-b6ba-f5007cb6cbf0", "content": "", "creation_timestamp": "2026-06-12T06:55:17.875392Z"}, {"uuid": "5d4c8528-4c33-490d-8946-115666871472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mo2v2mwuvf2i", "content": "CVE watch: CVE-2026-10520: Ivanti Sentry - Ivanti Sentry OS Command Injection...\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: cisa.gov\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2026-10520", "creation_timestamp": "2026-06-12T04:17:28.600093Z"}, {"uuid": "0f731000-d685-4802-a0fb-b4b67ca61004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mo3i7isr2d26", "content": "CISA ordered federal agencies to patch the actively exploited Ivanti Sentry flaw CVE-2026-10520 within 3 days. Shadowserver reported widespread attacks against unpatched internet-exposed gateways. #IvantiSentry #CISA #Shadowserver", "creation_timestamp": "2026-06-12T10:00:13.904318Z"}, {"uuid": "2d9a4723-b73c-4943-8455-0b85e42a9235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mo3f3ho3jj2p", "content": "\ud83d\udcf0 CISA Perintahkan Agen Federal Tambal Celah Keamanan Kritis Ivanti Sentry dalam 3 Hari\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/12/cisa-perintahkan-tambal-ivanti-sentry-hari-minggu/\n\n#bod26-04 #cisa #cve-2026-10520 #gadget #hacker #hardware #ivantiSentry #keamananSiber #", "creation_timestamp": "2026-06-12T09:04:16.372602Z"}, {"uuid": "973c9182-f0ee-4a10-ad10-1ebed224c945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mo3fp5fk5n26", "content": "CISA just issued a Binding Operational Directive: patch the actively exploited Ivanti Sentry flaw (CVE-2026-10520) by Sunday. Attackers are already leveraging this critical command injection to gain root access. Is your network safe?\n\nhttps://www.tpp.blog/1crtyng\n\n#cybersecurity #cisa #ivanti", "creation_timestamp": "2026-06-12T09:15:17.041737Z"}, {"uuid": "f3ba935a-3749-44ae-b7ea-53c85ee1cafe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mo3huapyes2y", "content": "Ivanti Sentry\u3001\u30cf\u30cb\u30fc\u30dd\u30c3\u30c8\u3078\u306e\u60aa\u7528\u8a66\u884c\u3092\u78ba\u8a8d\n\n\u7c73\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001\u6700\u8fd1\u30d1\u30c3\u30c1\u304c\u9069\u7528\u3055\u308c\u305fIvanti Sentry\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u6e08\u307f\u3068\u3057\u3066\u6307\u6458\u3057\u307e\u3057\u305f\u304c\u3001Ivanti\u306f\u305d\u306e\u6d3b\u52d5\u304c\u30cf\u30cb\u30fc\u30dd\u30c3\u30c8\u4e0a\u3067\u306e\u307f\u89b3\u6e2c\u3055\u308c\u305f\u3082\u306e\u3060\u3068\u8aac\u660e\u3057\u3066\u3044\u307e\u3059\u3002 CVE-2026-10520\uff08CVSS\u30b9\u30b3\u30a210/10\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308b\u3053\u306e\u8106\u5f31\u6027\u306f", "creation_timestamp": "2026-06-12T09:53:55.725897Z"}, {"uuid": "6fbc3f19-85bd-462f-b0fb-cba401c94037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mo3hvyaolh2b", "content": "CVE-2026-10520 is a critical Ivanti Sentry OS command injection flaw that CISA added to KEV, while Ivanti says observed activity was limited to honeypots.\n", "creation_timestamp": "2026-06-12T09:54:54.026076Z"}, {"uuid": "9209c9a0-7679-4a8f-8f1e-efb640e93941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mo4h3zcaus2h", "content": "CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release\n\nAttackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat actors have started exploit\u2026\n#hackernews #news", "creation_timestamp": "2026-06-12T19:13:02.948013Z"}, {"uuid": "a63c7235-0bd2-43dc-9bc8-f4e5d819a1ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-11)", "content": "", "creation_timestamp": "2026-06-11T00:00:00.000000Z"}, {"uuid": "9618ba14-bca3-40c5-aa7c-e03e064d6f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116736670151320147", "content": "\u26a0\ufe0f CRITICAL: Ivanti Sentry OS command injection (CVE-2026-10520) enables remote root execution via exposed mgmt port 8443. Only honeypot hits so far \u2014 patch versions 10.5.2, 10.6.2, 10.7.1+ ASAP & restrict access! https://radar.offseq.com/threat/ivanti-sentry-exploitation-attempts-hitting-honeyp-ce849175 #OffSeq #Ivanti #Vuln #Infosec", "creation_timestamp": "2026-06-12T10:30:28.225233Z"}, {"uuid": "177105ad-6b31-4fe1-83cd-14212d360a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mo3vmoic7o2d", "content": "CISA added CVE-2026-10520 in Ivanti Sentry to its KEV list after signs of exploitation. Ivanti says activity was seen on honeypots. The flaw is a critical unauthenticated OS command injection bug. #CISA #IvantiSentry #KEV", "creation_timestamp": "2026-06-12T14:00:14.261470Z"}, {"uuid": "47f134f8-d401-4f6e-9be9-2f4fdec8576b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mo3vyysdje2c", "content": "\ud83d\udccc CVE-2026-10520 - An OS Command Injection vulnerability\u00a0in Ivanti\u00a0Sentry before\u00a0the\u00a0R10.5.2, R10.6.2 and R10.7.1\u00a0versions\u00a0allows\u00a0a remote unauthenticated user to achiev... https://www.cyberhub.blog/cves/CVE-2026-10520", "creation_timestamp": "2026-06-12T14:07:07.484358Z"}, {"uuid": "798540f1-a570-4f53-a937-359b0121b159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/sagalinked.bsky.social/post/3mo4bkwxkch26", "content": "\ud83d\udcf0 Ivanti Sentry suffers from a critical remote code execution vulnerability (CVE-2026-10520) with a CVSS score of 10.0, making it highly exploitable and posing significant risks to organizations using Ivanti Sentry for network secu...\n\n\ud83d\udd17 https://hellorecon.com/blog/cve-2026-10520\n\n#Tech #Dev", "creation_timestamp": "2026-06-12T17:34:01.775891Z"}, {"uuid": "f62d9188-494d-4fe7-b94d-a8dd069ffe81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-critical-root-level-remote-code-execution-and-authentication-bypass", "content": "", "creation_timestamp": "2026-06-12T06:56:22.000000Z"}, {"uuid": "1ed961b4-f9f5-43c3-b2a0-baf37a5fd3b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mo4henqdit2t", "content": "Root-Level Breach Shockwave: Ivanti Sentry Zero-Day (CVE-2026-10520) Actively Exploited in the Wild as Enterprise Gateways Fall Silent +\u00a0Video\n\n\ud83c\udf10 Introduction: When the Gateway Becomes the Breach Point Enterprise security was built on the idea of controlled entry points, trusted gateways, and\u2026", "creation_timestamp": "2026-06-12T19:17:52.501074Z"}, {"uuid": "ceba740e-7a73-49a4-b97c-d60a7c41968b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cerberusit.bsky.social/post/3mo5njpbitq2w", "content": "Just when we thought we could have a quiet cup of tea, Ivanti drops CVE-2026-10520 and CVE-2026-10523 to remind us of our endless mortality. These stunning flaws allow unauthenticated freeloaders to gain root-level command execution or simply create administrative accounts to run...\n\nRead full story", "creation_timestamp": "2026-06-13T06:40:43.594410Z"}, {"uuid": "41236521-1f58-44aa-b764-e6d7862a3425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mo4jymbxli2h", "content": "\ud83d\udea8 CRITICAL EDGE INFRASTRUCTURE ALERT: CVE-2026-10520 \ud83d\udea8The enterprise perimeter is facing an active, unauthenticated exploitation vector. A maximum severity CVSS 10.0 Pre-Auth Remote Code Execution (RCE) vulnerability in Ivanti Sentry has been added to the CISA Known Exploited Vulnerabilities (KEV)\u2026", "creation_timestamp": "2026-06-12T20:05:00.621604Z"}, {"uuid": "65cda96f-e77c-46bf-abef-f9d7023e566c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-12)", "content": "", "creation_timestamp": "2026-06-12T00:00:00.000000Z"}, {"uuid": "81d7ec51-1403-45e0-b6de-ff178784aa3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mo727cmok32c", "content": "\ud83d\udce2 Ivanti Sentry : injection de commandes OS pr\u00e9-authentifi\u00e9e critique (CVE-2026-10520, CVSS 10)\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nPubli\u00e9 le 10 juin 2026 par \u2026\nhttps://cyberveille.ch/posts/2026-06-13-ivanti-sentry-injection-de-commandes-os-pre-authentifiee-critique-cve-2026-10520-cvss-10/ #CVE_2026_10520 #Cyberveille", "creation_timestamp": "2026-06-13T20:00:13.501980Z"}, {"uuid": "c93c57c1-97a7-4e18-8acb-76d1321c7faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mo6m2nndu627", "content": "\u26a0\ufe0f CRITICAL: Ivanti patches two severe flaws in Sentry, including a root-level unauthenticated RCE (CVE-2026-10520). Technical details are public, exploitation risk is high. Patch immediately! #Ivanti #Vulnerability #RCE #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-13T15:47:26.526450Z"}, {"uuid": "9f03d804-85e9-4fc7-ad7c-2f241caeb052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3mo733rilfs2s", "content": "\ud83d\udee1\ufe0f Manual T\u00e9cnico de Mitigaci\u00f3n: Vulnerabilidades CVE-2026-10520 y CVE-2026-10523 en Ivanti Sentry www.newstecnicas.com/2026/06/manu...", "creation_timestamp": "2026-06-13T20:16:12.747901Z"}, {"uuid": "5f56f4ec-1192-4632-abd3-b17fc2f9b2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3moanazs5422y", "content": "\ud83d\udee1\ufe0f Manual T\u00e9cnico de Mitigaci\u00f3n: #Vulnerabilidades CVE-2026-10520 y CVE-2026-10523 en Ivanti Sentry www.newstecnicas.com/2026/06/manu...", "creation_timestamp": "2026-06-14T11:14:08.343201Z"}, {"uuid": "ae3776b0-8769-41d0-801c-0f72bab1c7ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/billingsley.bsky.social/post/3mo7sgv2sxv27", "content": "COGNOSCERE Daily Brief \u2014 2026-06-14\n\nCISA gave federal agencies until today, June 14, to patch CVE-2026-10520, a CVSS\n\nhttps://youtube.com/watch?v=97xzz64qvVE\n\nDecide.", "creation_timestamp": "2026-06-14T03:13:58.102092Z"}]}