{"vulnerability": "cve-2026-10520", "sightings": [{"uuid": "48072de8-4a82-4199-a97e-557345b292c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-567", "content": "", "creation_timestamp": "2026-06-09T08:30:20.000000Z"}, {"uuid": "246162fb-e716-4d11-b5e1-07fe0f961841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mnviyh7lkg2h", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs", "creation_timestamp": "2026-06-10T00:58:12.331378Z"}, {"uuid": "b8d465bc-8224-4b04-b2dd-6c67a8b2665c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mnvjntpmiv2t", "content": "We're back - analyzing CVE-2026-10520, a Pre-Auth RCE in Ivanti's confusingly named Sentry product.\n\nEnjoy!\nhttps://t.co/efAfOc56OK\n\n\u2014 from @watchtowrcyber (https://x.com/watchtowrcyber/status/2064511364375179457)", "creation_timestamp": "2026-06-10T01:10:10.267254Z"}, {"uuid": "baac9cc6-b477-47a9-bd14-ada8290c47e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3mnvkhko6hr26", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs", "creation_timestamp": "2026-06-10T01:24:32.755113Z"}, {"uuid": "3402cef9-aa51-41ec-aad2-3ec5d225e0f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/536dbd2e-9793-4c4b-bc54-a21fd7e60e65", "content": "", "creation_timestamp": "2026-06-10T04:44:07.374229Z"}, {"uuid": "c1463f51-babd-46eb-825e-91d973ae6cc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520", "content": "", "creation_timestamp": "2026-06-09T20:34:10.439000Z"}, {"uuid": "9171c618-3d38-4954-aaa1-1fab7e064ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnvu3fz7q22z", "content": "~Watchtowr~\nCVE-2026-10520 is a critical pre-auth OS command injection in Ivanti Sentry allowing root-level RCE.\n-\nIOCs: (None identified)\n-\n#CVE202610520 #Ivanti #ThreatIntel", "creation_timestamp": "2026-06-10T04:16:42.475711Z"}, {"uuid": "7f1f1d23-9138-40cc-a87d-536b38697a34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-10520.yaml", "content": "", "creation_timestamp": "2026-06-10T02:16:48.000000Z"}, {"uuid": "116fc7a3-9a7c-4b5a-96aa-4b6ca598e084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnw4exs6dr2l", "content": "Ivanti patched two critical Sentry flaws, including CVE-2026-10520, a max-severity command injection that could allow root code execution, and CVE-2026-10523, an auth bypass for rogue admin access. #Ivanti #Sentry #CVE202610520", "creation_timestamp": "2026-06-10T06:45:13.832223Z"}, {"uuid": "fe1da3ee-3bdd-4096-aead-e7d9917b7a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/116724727198447267", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "creation_timestamp": "2026-06-10T07:53:11.200323Z"}, {"uuid": "dc21a26b-dca6-4422-adeb-3212b9c9c150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/obivan.infosec.exchange.ap.brid.gy/post/3mnwaeizy7e42", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "creation_timestamp": "2026-06-10T07:58:23.409158Z"}, {"uuid": "a93e6f38-7897-404f-967b-6b93ae49feb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/tyden.bsky.social/post/3mnwcus6ljq2o", "content": "Spole\u010dnost Ivanti vydala opravy pro dv\u011b kritick\u00e9 zranitelnosti ve sv\u00e9m \u0159e\u0161en\u00ed Sentry, v\u010detn\u011b maxim\u00e1ln\u011b z\u00e1va\u017en\u00e9 chyby CVE-2026-10520", "creation_timestamp": "2026-06-10T08:41:27.123793Z"}, {"uuid": "71c1021b-de07-4b24-88a1-178237c13b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "content": "", "creation_timestamp": "2026-06-10T09:08:29.979690Z"}, {"uuid": "779a6ebf-7ddb-4ff5-ab23-7436d33c3068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://www.acn.gov.it/portale/w/ivanti-june-security-update-1", "content": "Rilasciati gli aggiornamenti di sicurezza di giugno che risolvono 4 nuove vulnerabilit\u00e0, di cui due con gravit\u00e0 \u201ccritica\u201d e due con gravit\u00e0 \u201calta\u201d, in diversi prodotti Ivanti. Tra queste, si evidenzia la CVE-2026-10520, per la quale risulta disponibile un Proof of Concept (PoC) in rete.", "creation_timestamp": "2026-06-10T07:18:20.000000Z"}, {"uuid": "bff82bdf-e39d-4d9e-825f-76b857994304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116725277445928014", "content": "Some increased actor activities are shown targeting Ivanti Sentry (CVE-2026-10520) https://vuldb.com/vuln/369559/cti", "creation_timestamp": "2026-06-10T10:13:08.354004Z"}, {"uuid": "7123ec77-73bc-4895-99cd-a75acf5a90ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3mnwjorn6h22a", "content": "\ud83d\udea8 CVE-2026-10520, a critical CVSS 10 OS Command Injection vuln in Ivanti Sentry is now under active exploitation as reported by Defused \n\nScan infrastructure to see if you're vulnerable:\ngithub.com/rxerium/rxer...\n\nPatches are available as per Ivanti's advisory:\nhub.ivanti.com/s/article/Se...", "creation_timestamp": "2026-06-10T10:43:22.594330Z"}, {"uuid": "7ac053f9-92fa-4d8c-b731-ed01aee65f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mnwkyeuu2326", "content": "\ud83d\udea8 CISA KEV [CVSS 10.0 \u00b7 CRITICAL]\nCVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry\n\nhttps://www.rapid7.com/blog/post/etr-cve-2026-10520-cve-2026-10523-multiple-critical-vulnerabilities-affecting-ivanti-sentry\n\n#CISA #KEV #PatchNow", "creation_timestamp": "2026-06-10T11:06:36.593406Z"}, {"uuid": "10ed1524-952c-4460-b36b-d5df5d1a05ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnwpws6bag2b", "content": "~Certeu~\nIvanti Sentry vulnerabilities (CVE-2026-10520, CVE-2026-10523) allow unauthenticated RCE and admin access.\n-\nIOCs: CVE-2026-10520, CVE-2026-10523\n-\n#CVE202610520 #Ivanti #ThreatIntel", "creation_timestamp": "2026-06-10T12:35:12.401656Z"}, {"uuid": "8d463f2d-4c3a-4718-ab47-5384b5ab30c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mnwrwkfq5k2z", "content": "Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/06/10/i...\n\n#cybersecurity #cyebrsecuritynews #enterprise #gateway #vulnerability", "creation_timestamp": "2026-06-10T13:10:56.733986Z"}, {"uuid": "942363ad-6c73-464b-bfcd-f238bdd74b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnws6kyyvj2e", "content": "\ud83d\udd17 CVE : CVE-2026-6973, CVE-2026-10520, CVE-2026-10520, CVE-2026-10523, CVE-2026-10727, CVE-2026-6973", "creation_timestamp": "2026-06-10T13:15:20.779819Z"}, {"uuid": "2370a764-6863-41ea-acfc-d76be04bce45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://www.cert.se/2026/06/patchtisdag-juni-2026-samlad-information-om-manadens-sakerhetsuppdateringar.html", "content": "", "creation_timestamp": "2026-06-10T05:00:00.000000Z"}, {"uuid": "d4286a2a-0ddf-4c9c-b78b-a7076bcf4163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnwsmcx3rw2b", "content": "Ivanti Sentry\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027\u3001root\u6a29\u9650\u3067\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b\uff08CVE-2026-10520\uff09\n\nIvanti\u306f\u3001Ivanti Sentry\u306b\u5b58\u5728\u3059\u308b2\u4ef6\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\uff08CVE-2026-10520\u304a\u3088\u3073CVE-2026-10523\uff09\u306b\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3057\u3001\u9867\u5ba2\u306b\u5bfe\u3057\u3066\u76f4\u3061\u306b\u4fee\u6b63\u3092\u5b9f\u65bd\u3059\u308b\u3088\u3046\u547c\u3073\u304b\u3051\u3066\u3044\u307e\u3059\u3002 \u3053\u308c\u3089\u306e\u8106\u5f31\u6027\u304c\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u305f\u3068\u3044\u3046\u60c5\u5831\u306f\u73fe\u6642\u70b9\u3067\u306f\u78ba\u8a8d\u3055\u308c\u3066\u3044\u307e\u305b\u3093\u304c\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u7814", "creation_timestamp": "2026-06-10T13:23:02.286130Z"}, {"uuid": "4febac55-fcc5-44af-9c5b-897d7e4af9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3mnwstvzuss2g", "content": "\ud83d\udea8 On June 9, 2026, #Ivanti published a security advisory for 2 critical vulnerabilities affecting Ivanti Sentry (FKA MobileIron Sentry).\n\nCVE-2026-10520 (CVSS 10.0) is an OS command injection vuln, and CVE-2026-10523 (CVSS 9.9) is an authentication bypass vuln.\n\nRead on: r-7.co/4arpQHd", "creation_timestamp": "2026-06-10T13:27:17.303229Z"}, {"uuid": "979a20be-8043-4fb2-a81d-ba858bfad9a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://www.ncsc.nl/alerts/verhoogde-kans-op-misbruik-van-ivanti-sentry-kwetsbaarheden", "content": "", "creation_timestamp": "2026-06-10T04:00:31.000000Z"}, {"uuid": "d5c4f48b-bf1d-459a-8857-d57b2b11e2cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnwxlwyxbs2t", "content": "Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)\n\nwww.helpnetsecurity.com/2026/06/10/i...\n\n#Kyberturvallisuus #LaajaVaikutus #Haavoittuvuus", "creation_timestamp": "2026-06-10T14:54:27.003821Z"}, {"uuid": "c2247571-ac4d-4341-bcbd-09fe819f5c8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116726949500340282", "content": "\ud83d\udcf0 Ivanti Patches Critical Sentry Flaws Allowing Root-Level RCE\n\u26a0\ufe0f CRITICAL: Ivanti patches two severe flaws in Sentry, including a root-level unauthenticated RCE (CVE-2026-10520). Technical details are public, exploitation risk is high. Patch immediately! #Ivanti #Vulnerability #RCE #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/ivanti-sentry-critical-vulnerabilities-allow-root-rce/?utm_source=mastodon&utm_medium=social&utm_campaign=daily", "creation_timestamp": "2026-06-10T17:18:54.810607Z"}, {"uuid": "4d913a31-854e-4532-be61-e0e5bc10b626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mnx7sbkzl52g", "content": "\u26a0\ufe0f CRITICAL: Ivanti patches two severe flaws in Sentry, including a root-level unauthenticated RCE (CVE-2026-10520). Technical details are public, exploitation risk is high. Patch immediately! #Ivanti #Vulnerability #RCE #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-10T17:19:00.939712Z"}, {"uuid": "10c1fb26-f886-451f-b3b0-1a29d6087f97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mnxaehkw7l25", "content": "CVE-2026-10520, a critical (CVSS 10.0) OS Command Injection vulnerability\u00a0in Ivanti\u00a0Sentry is now under active exploitation as reported by \n@DefusedCyber\n \n\nScan infrastructure to see if you're vulnerable:\u2026\n\n\ud83d\udd01 RT @rxerium | reposted by @silascutler\nhttps://x.com/rxerium/status/2064659435956375874", "creation_timestamp": "2026-06-10T17:29:11.433034Z"}, {"uuid": "1f281d83-4c5e-4dda-b651-4f4eda8566dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mnxbrsgyvi2d", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs", "creation_timestamp": "2026-06-10T17:54:55.241921Z"}, {"uuid": "f7a2966a-613e-4603-8f01-7d1598e47e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mnxjknfsrc2k", "content": "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to Saudi NCA for the tip!). However, all remaining likely compromised too.", "creation_timestamp": "2026-06-10T20:13:45.663938Z"}, {"uuid": "2e6896c4-a16c-4294-b13b-5b9e832f3ac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mnxjkqanyk2k", "content": "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to Saudi NCA for the tip!). However, all remaining likely compromised too.", "creation_timestamp": "2026-06-10T20:13:46.692774Z"}, {"uuid": "ff6fdf4d-43e9-46ee-9283-7c9948d4a3aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3mnxjkqapx22k", "content": "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to Saudi NCA for the tip!). However, all remaining likely compromised too.", "creation_timestamp": "2026-06-10T20:13:48.149232Z"}, {"uuid": "5c408299-2681-489c-a46f-610387aff0d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mnxkrgqk6z2r", "content": "On June 9, 2026, Ivanti disclosed two critical vulnerabilities in Ivanti Sentry: CVE-2026-10520 (OS command injection, CVSS 10.0) and CVE-2026-10523 (authentication bypass, CVSS 9.9). Both allow remote unauthenticated attackers to execute commands and gain administrative access.", "creation_timestamp": "2026-06-10T20:35:23.850021Z"}, {"uuid": "4f652402-bc24-45ff-b18f-1fb287bf06b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/sambowne.infosec.exchange.ap.brid.gy/post/3mnxpsjhllms2", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/", "creation_timestamp": "2026-06-10T22:05:35.306903Z"}, {"uuid": "07f82b1b-c71d-4b24-9003-7a9784e4eb3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mnxyiljcqp2h", "content": "Ivanti Sentry\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30eb\u30fc\u30c8\u6a29\u9650\u3067\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b\u306a\u308b\uff08CVE-2026-10520\uff09 \n\nCritical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)  #HelpNetSecurity (Jun 10)\n\nwww.helpnetsecurity.com/2026/06/10/i...", "creation_timestamp": "2026-06-11T00:40:58.913952Z"}, {"uuid": "a86f885a-9226-4933-a56a-0bbd4659542d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mny6npocp42d", "content": "Top 3 CVE for last 7 days:\nCVE-2025-10263: 24 interactions\nCVE-2026-11645: 23 interactions\nCVE-2015-5119: 20 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2025-10263: 22 interactions\nCVE-2026-10520: 17 interactions\nCVE-2026-52884: 7 interactions\n", "creation_timestamp": "2026-06-11T02:31:14.400232Z"}, {"uuid": "01546d26-08d5-4aee-905a-ad414aac6b43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnymtuoody2r", "content": "Active attacks target CVE-2026-10520, a max-severity Ivanti Sentry command injection flaw that can grant root code execution on exposed gateways. Fixes are available. #Ivanti #Sentry #CVE202610520", "creation_timestamp": "2026-06-11T06:45:12.609139Z"}, {"uuid": "bae397c1-3de6-4afb-87f9-caa6ee15cfb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mnyonvr6ai2v", "content": "Ivanti Sentry users: Your max-severity vulnerability (CVE-2026-10520) is being actively exploited. Shadowserver confirmed widespread compromise just hours after patches were released. Don't wait\u2014patch immediately and assume your\u2026\n\nhttps://www.tpp.blog/1hdu31o\n\n#cybersecurity #ivanti #ivantisentry", "creation_timestamp": "2026-06-11T07:17:40.988577Z"}, {"uuid": "21a30937-e00c-412f-b500-d78c2509f3c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnz2pvprxk2h", "content": "Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)\n\nIvanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities are not kn\u2026\n#hackernews #news", "creation_timestamp": "2026-06-11T10:53:32.234399Z"}, {"uuid": "32db3ca2-9ef2-4128-b4c5-029246d224b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnzalay2552d", "content": "Ivanti Sentry's CVE-2026-10520 is under active exploitation post-PoC release. Patch now to prevent unauthorized access. #CyberSecurity #Ivanti #Vulnerability #PatchNow #InfoSec #DataProtection thedailytechfeed.com/ivanti-sentr...", "creation_timestamp": "2026-06-11T12:38:18.776297Z"}, {"uuid": "03216cd4-cdaa-4540-9762-013317660289", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0180", "content": "Ivanti heeft twee kwetsbaarheden verholpen in Sentry. De kwetsbaarheid met kenmerk CVE-2026-10520, waarvan Ivanti een CVSS-score van 10 heeft toegekend, kan een ongeauthenticeerde kwaadwillende op afstand in staat stellen willekeurige code uitvoeren met root rechten. De kwetsbaarheid met kenmerk CVE-2026-10523, die Ivanti een CVSS score van 9.9, heeft gegeven, kan door een ongeauthenticeerde kwaadwillende op afstand worden misbruikt om administratieve accounts aan te maken.\n\nMisbruik van deze kwetsbaarheden is mogelijk, maar de randvoorwaarden die nodig zijn om deze kwetsbaarheden op afstand uit te buiten, vereisen dat een managementpoort aan het internet is ontsloten. Deze randvoorwaarden zijn niet aanwezig in standaardimplementaties van Ivanti Sentry.\n\nDe kwetsbaarheden hebben Ivanti bereikt via responsible disclosure. Momenteel vindt er, voor zover bekend, geen actief misbruik van deze kwetsbaarheden plaats en is er geen publieke PoC code beschikbaar. Het NCSC verwacht echter dat dit op korte termijn zal veranderen.", "creation_timestamp": "2026-06-11T09:11:03.000000Z"}, {"uuid": "c345fb6d-7d5e-4715-b9cb-431bf0904b63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://infosec.exchange/ap/users/115741367687413652/statuses/116731856878998907", "content": "Ivanti's latest perfect 10\u2014this time a preauth command injection\u2014has been confirmed exploited in the wild.\nhttps://discourse.ifin.network/t/cve-2026-10520-ivanti-sentry-preauth-command-injection-eitw/573/\n#ThreatIntel #ThreatIntelligence #IFIN", "creation_timestamp": "2026-06-11T14:47:27.370455Z"}, {"uuid": "53716490-9d14-4a30-a166-d754d2fcad08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mnzirh5ds22o", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry\nPre-Auth OS Command Injection CVE-2026-10520)\nlabs.watchtowr.com/more-evidenc...", "creation_timestamp": "2026-06-11T15:04:59.125396Z"}, {"uuid": "a0efabcb-489e-4272-9102-f9a0bfb688cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnzuz5m6cy2e", "content": "CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release", "creation_timestamp": "2026-06-11T18:43:59.663949Z"}, {"uuid": "3f1ac1fd-b2ba-44ae-b3e3-831643967d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnzvw4snv22r", "content": "CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release\n\nsecurityaffairs.com/193530/uncat...\n\n#Cybersecurity #LargeScaleImpact #Vulnerability", "creation_timestamp": "2026-06-11T19:00:12.488133Z"}, {"uuid": "e5d3dac4-6b2a-4afa-96d4-1ba9933403d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mnzwnn7thm2d", "content": "\ud83d\uded1 CVE-2026-10520\nIvanti Sentry\nCVSS 10.0 / EPSS 3% / KEV: No\nTL;DR: An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7\u2026\nhttps://cvesentinel.com/report/CVE-2026-10520?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-11T19:13:20.494587Z"}, {"uuid": "930ab6cf-35d7-4228-bf4a-a2562f5343aa", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b07dd423-1f0f-42fa-90f3-a527a7ecb94a", "content": "", "creation_timestamp": "2026-06-11T20:00:02.704031Z"}, {"uuid": "49ac490d-5314-4bb6-a46d-903bb69a89c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnzzow2shf2z", "content": "Ivanti Under Siege: Critical CVE-2026-10520 Exploited Within Hours as Attackers Race Ahead of Defenders +\u00a0Video\n\nA Dangerous Reality Emerges for Ivanti Customers The cybersecurity world witnessed yet another alarming reminder of how quickly threat actors can weaponize newly disclosed\u2026", "creation_timestamp": "2026-06-11T20:07:44.912364Z"}, {"uuid": "d176458c-1c0a-4f38-94c7-8b84dee5fcd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hn100.bsky.social/post/3mo23thsi4k2r", "content": "Ivanti Sentry pre-auth RCE (CVE-2026-10520) \u2013 CVSS 10.0, public PoC, CISA KEV\n\nDiscussion", "creation_timestamp": "2026-06-11T20:46:06.176484Z"}, {"uuid": "c297d8c6-7abd-44f9-b985-ff7eaad3a69b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hnws.bsky.social/post/3mo23tkdjte2d", "content": "Ivanti Sentry pre-auth RCE (CVE-2026-10520) \u2013 CVSS 10.0, public PoC, CISA KEV\ncomments \u00b7 posted on 2026.06.11 at 15:38:42 (c=0, p=4)", "creation_timestamp": "2026-06-11T20:46:08.021408Z"}, {"uuid": "b5d22438-2c08-40dc-b6c9-cbab26bc6216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/news.karthihegde.dev/post/3mo23vdm4gn2m", "content": "Ivanti Sentry pre-auth RCE (CVE-2026-10520) \u2013 CVSS 10.0, public PoC, CISA KEV\nDiscussion | hackernews | Author: slvnx", "creation_timestamp": "2026-06-11T20:47:08.779453Z"}, {"uuid": "3dd0ca4e-96b4-4858-b080-c202a54a11ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/secdb.bsky.social/post/3mo24mw6gwu2a", "content": "\ud83d\udea8 CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0611)\n\n\u26a0\ufe0f CVE-2026-10520 - Ivanti Sentry OS Command Injection Vulnerability\n\n\n#ZEN #SecDB #InfoSec #CISA_KEV", "creation_timestamp": "2026-06-11T21:00:18.739921Z"}, {"uuid": "5476bcb0-15ea-4fc5-bc3e-cf06af6f55a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/ainewsdaily.news/post/3mo27ztpjd32d", "content": "\ud83d\udcf0 Ivanti Sentry pre-auth RCE (CVE-2026-10520) \u2013 CVSS 10.0, public PoC, CISA KEV\n\n#Tech #Technology #News", "creation_timestamp": "2026-06-11T22:01:13.945291Z"}, {"uuid": "e88636e6-27a0-4684-8cf7-0152c2777f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mo2jiyzhah2e", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30921\u4ef6\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0  \n\nCISA Adds One Known Exploited Vulnerability to Catalog  #CISA (Jun 11)\n\nCVE-2026-10520 Ivanti Sentry OS \u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-12T00:50:46.068787Z"}, {"uuid": "f222bb7e-bfae-40ff-9112-6fc390eb3429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mo2js7koln24", "content": "CVE-2026-10520\u304c\u60aa\u7528\u3055\u308c\u307e\u3057\u305f\uff1aIvanti Sentry\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u304c\u30d1\u30c3\u30c1\u30ea\u30ea\u30fc\u30b9\u76f4\u5f8c\u306b\u4fb5\u5bb3\u3055\u308c\u307e\u3057\u305f \n\nCVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release  #SecurityAffairs (Jun 11)\n\nsecurityaffairs.com/193530/uncat...", "creation_timestamp": "2026-06-12T00:55:55.149040Z"}, {"uuid": "5d4c8528-4c33-490d-8946-115666871472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mo2v2mwuvf2i", "content": "CVE watch: CVE-2026-10520: Ivanti Sentry - Ivanti Sentry OS Command Injection...\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: cisa.gov\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2026-10520", "creation_timestamp": "2026-06-12T04:17:28.600093Z"}, {"uuid": "2523fe16-214b-4c92-8c2d-7dcf140f08b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/79a30108-df05-4aba-b6ba-f5007cb6cbf0", "content": "", "creation_timestamp": "2026-06-12T06:55:17.875392Z"}, {"uuid": "2d9a4723-b73c-4943-8455-0b85e42a9235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mo3f3ho3jj2p", "content": "\ud83d\udcf0 CISA Perintahkan Agen Federal Tambal Celah Keamanan Kritis Ivanti Sentry dalam 3 Hari\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/12/cisa-perintahkan-tambal-ivanti-sentry-hari-minggu/\n\n#bod26-04 #cisa #cve-2026-10520 #gadget #hacker #hardware #ivantiSentry #keamananSiber #", "creation_timestamp": "2026-06-12T09:04:16.372602Z"}, {"uuid": "973c9182-f0ee-4a10-ad10-1ebed224c945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mo3fp5fk5n26", "content": "CISA just issued a Binding Operational Directive: patch the actively exploited Ivanti Sentry flaw (CVE-2026-10520) by Sunday. Attackers are already leveraging this critical command injection to gain root access. Is your network safe?\n\nhttps://www.tpp.blog/1crtyng\n\n#cybersecurity #cisa #ivanti", "creation_timestamp": "2026-06-12T09:15:17.041737Z"}, {"uuid": "f3ba935a-3749-44ae-b7ea-53c85ee1cafe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mo3huapyes2y", "content": "Ivanti Sentry\u3001\u30cf\u30cb\u30fc\u30dd\u30c3\u30c8\u3078\u306e\u60aa\u7528\u8a66\u884c\u3092\u78ba\u8a8d\n\n\u7c73\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001\u6700\u8fd1\u30d1\u30c3\u30c1\u304c\u9069\u7528\u3055\u308c\u305fIvanti Sentry\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u6e08\u307f\u3068\u3057\u3066\u6307\u6458\u3057\u307e\u3057\u305f\u304c\u3001Ivanti\u306f\u305d\u306e\u6d3b\u52d5\u304c\u30cf\u30cb\u30fc\u30dd\u30c3\u30c8\u4e0a\u3067\u306e\u307f\u89b3\u6e2c\u3055\u308c\u305f\u3082\u306e\u3060\u3068\u8aac\u660e\u3057\u3066\u3044\u307e\u3059\u3002 CVE-2026-10520\uff08CVSS\u30b9\u30b3\u30a210/10\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308b\u3053\u306e\u8106\u5f31\u6027\u306f", "creation_timestamp": "2026-06-12T09:53:55.725897Z"}, {"uuid": "6fbc3f19-85bd-462f-b0fb-cba401c94037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mo3hvyaolh2b", "content": "CVE-2026-10520 is a critical Ivanti Sentry OS command injection flaw that CISA added to KEV, while Ivanti says observed activity was limited to honeypots.\n", "creation_timestamp": "2026-06-12T09:54:54.026076Z"}, {"uuid": "0f731000-d685-4802-a0fb-b4b67ca61004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mo3i7isr2d26", "content": "CISA ordered federal agencies to patch the actively exploited Ivanti Sentry flaw CVE-2026-10520 within 3 days. Shadowserver reported widespread attacks against unpatched internet-exposed gateways. #IvantiSentry #CISA #Shadowserver", "creation_timestamp": "2026-06-12T10:00:13.904318Z"}, {"uuid": "a63c7235-0bd2-43dc-9bc8-f4e5d819a1ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-11)", "content": "", "creation_timestamp": "2026-06-11T00:00:00.000000Z"}, {"uuid": "9618ba14-bca3-40c5-aa7c-e03e064d6f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116736670151320147", "content": "\u26a0\ufe0f CRITICAL: Ivanti Sentry OS command injection (CVE-2026-10520) enables remote root execution via exposed mgmt port 8443. Only honeypot hits so far \u2014 patch versions 10.5.2, 10.6.2, 10.7.1+ ASAP & restrict access! https://radar.offseq.com/threat/ivanti-sentry-exploitation-attempts-hitting-honeyp-ce849175 #OffSeq #Ivanti #Vuln #Infosec", "creation_timestamp": "2026-06-12T10:30:28.225233Z"}, {"uuid": "177105ad-6b31-4fe1-83cd-14212d360a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mo3vmoic7o2d", "content": "CISA added CVE-2026-10520 in Ivanti Sentry to its KEV list after signs of exploitation. Ivanti says activity was seen on honeypots. The flaw is a critical unauthenticated OS command injection bug. #CISA #IvantiSentry #KEV", "creation_timestamp": "2026-06-12T14:00:14.261470Z"}, {"uuid": "47f134f8-d401-4f6e-9be9-2f4fdec8576b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mo3vyysdje2c", "content": "\ud83d\udccc CVE-2026-10520 - An OS Command Injection vulnerability\u00a0in Ivanti\u00a0Sentry before\u00a0the\u00a0R10.5.2, R10.6.2 and R10.7.1\u00a0versions\u00a0allows\u00a0a remote unauthenticated user to achiev... https://www.cyberhub.blog/cves/CVE-2026-10520", "creation_timestamp": "2026-06-12T14:07:07.484358Z"}, {"uuid": "798540f1-a570-4f53-a937-359b0121b159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/sagalinked.bsky.social/post/3mo4bkwxkch26", "content": "\ud83d\udcf0 Ivanti Sentry suffers from a critical remote code execution vulnerability (CVE-2026-10520) with a CVSS score of 10.0, making it highly exploitable and posing significant risks to organizations using Ivanti Sentry for network secu...\n\n\ud83d\udd17 https://hellorecon.com/blog/cve-2026-10520\n\n#Tech #Dev", "creation_timestamp": "2026-06-12T17:34:01.775891Z"}, {"uuid": "f62d9188-494d-4fe7-b94d-a8dd069ffe81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-critical-root-level-remote-code-execution-and-authentication-bypass", "content": "", "creation_timestamp": "2026-06-12T06:56:22.000000Z"}, {"uuid": "9209c9a0-7679-4a8f-8f1e-efb640e93941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mo4h3zcaus2h", "content": "CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release\n\nAttackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat actors have started exploit\u2026\n#hackernews #news", "creation_timestamp": "2026-06-12T19:13:02.948013Z"}, {"uuid": "1ed961b4-f9f5-43c3-b2a0-baf37a5fd3b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mo4henqdit2t", "content": "Root-Level Breach Shockwave: Ivanti Sentry Zero-Day (CVE-2026-10520) Actively Exploited in the Wild as Enterprise Gateways Fall Silent +\u00a0Video\n\n\ud83c\udf10 Introduction: When the Gateway Becomes the Breach Point Enterprise security was built on the idea of controlled entry points, trusted gateways, and\u2026", "creation_timestamp": "2026-06-12T19:17:52.501074Z"}, {"uuid": "41236521-1f58-44aa-b764-e6d7862a3425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mo4jymbxli2h", "content": "\ud83d\udea8 CRITICAL EDGE INFRASTRUCTURE ALERT: CVE-2026-10520 \ud83d\udea8The enterprise perimeter is facing an active, unauthenticated exploitation vector. A maximum severity CVSS 10.0 Pre-Auth Remote Code Execution (RCE) vulnerability in Ivanti Sentry has been added to the CISA Known Exploited Vulnerabilities (KEV)\u2026", "creation_timestamp": "2026-06-12T20:05:00.621604Z"}, {"uuid": "ceba740e-7a73-49a4-b97c-d60a7c41968b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cerberusit.bsky.social/post/3mo5njpbitq2w", "content": "Just when we thought we could have a quiet cup of tea, Ivanti drops CVE-2026-10520 and CVE-2026-10523 to remind us of our endless mortality. These stunning flaws allow unauthenticated freeloaders to gain root-level command execution or simply create administrative accounts to run...\n\nRead full story", "creation_timestamp": "2026-06-13T06:40:43.594410Z"}, {"uuid": "65cda96f-e77c-46bf-abef-f9d7023e566c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-12)", "content": "", "creation_timestamp": "2026-06-12T00:00:00.000000Z"}, {"uuid": "c93c57c1-97a7-4e18-8acb-76d1321c7faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mo6m2nndu627", "content": "\u26a0\ufe0f CRITICAL: Ivanti patches two severe flaws in Sentry, including a root-level unauthenticated RCE (CVE-2026-10520). Technical details are public, exploitation risk is high. Patch immediately! #Ivanti #Vulnerability #RCE #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-13T15:47:26.526450Z"}, {"uuid": "81d7ec51-1403-45e0-b6de-ff178784aa3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mo727cmok32c", "content": "\ud83d\udce2 Ivanti Sentry : injection de commandes OS pr\u00e9-authentifi\u00e9e critique (CVE-2026-10520, CVSS 10)\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nPubli\u00e9 le 10 juin 2026 par \u2026\nhttps://cyberveille.ch/posts/2026-06-13-ivanti-sentry-injection-de-commandes-os-pre-authentifiee-critique-cve-2026-10520-cvss-10/ #CVE_2026_10520 #Cyberveille", "creation_timestamp": "2026-06-13T20:00:13.501980Z"}, {"uuid": "9f03d804-85e9-4fc7-ad7c-2f241caeb052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3mo733rilfs2s", "content": "\ud83d\udee1\ufe0f Manual T\u00e9cnico de Mitigaci\u00f3n: Vulnerabilidades CVE-2026-10520 y CVE-2026-10523 en Ivanti Sentry www.newstecnicas.com/2026/06/manu...", "creation_timestamp": "2026-06-13T20:16:12.747901Z"}, {"uuid": "ae3776b0-8769-41d0-801c-0f72bab1c7ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/billingsley.bsky.social/post/3mo7sgv2sxv27", "content": "COGNOSCERE Daily Brief \u2014 2026-06-14\n\nCISA gave federal agencies until today, June 14, to patch CVE-2026-10520, a CVSS\n\nhttps://youtube.com/watch?v=97xzz64qvVE\n\nDecide.", "creation_timestamp": "2026-06-14T03:13:58.102092Z"}, {"uuid": "5f56f4ec-1192-4632-abd3-b17fc2f9b2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3moanazs5422y", "content": "\ud83d\udee1\ufe0f Manual T\u00e9cnico de Mitigaci\u00f3n: #Vulnerabilidades CVE-2026-10520 y CVE-2026-10523 en Ivanti Sentry www.newstecnicas.com/2026/06/manu...", "creation_timestamp": "2026-06-14T11:14:08.343201Z"}, {"uuid": "a22193b6-b074-4165-93d3-e2eec9209291", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/cesnet-certs.mastodonczech.cz.ap.brid.gy/post/3moczwvt4coj2", "content": "[[TLP:CLEAR] Ivanti opravuje 3 zranitelnosti, z toho 1 aktivn\u011b zneu\u017e\u00edvanou]\n\nIvanti opravuje 3 zranitelnosti v produktech Ivanti Sentry \u2b07\ufe0f a Ivanti Endpoint Manager Mobile \u2b07\ufe0f. Zranitelnost CVE-2026-10520 byla na z\u00e1klad\u011b d\u016fkaz\u016f o aktivn\u00edm zneu\u017e\u00edv\u00e1n\u00ed za\u0159azena do katalogu zn\u00e1m\u00fdch zneu\u017e\u00edvan\u00fdch [\u2026]", "creation_timestamp": "2026-06-15T10:06:23.377375Z"}, {"uuid": "2fe18d6d-69d4-46b8-b1ec-d78679e435a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/trinacriatech.bsky.social/post/3moda75bg4c26", "content": "Ivanti Sentry CVE-2026-10520 (CVSS 10.0) in active exploitation. OS command injection unauthenticated \u2192 RCE root. Shadowserver: istanze gi\u00e0 backdoorate. CISA KEV + BOD 26-04. Patch subito: 10.5.2 / 10.6.2 / 10.7.1. #infosec", "creation_timestamp": "2026-06-15T11:58:09.345145Z"}, {"uuid": "a4a1707e-41e2-4226-9f3e-d989532e29e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/crowdsec.bsky.social/post/3modap75jzk2o", "content": "\ud83d\udea8 In this week\u2019s newsletter, we cover CVE-2026-10520, a critical pre-authentication OS command injection vulnerability in Ivanti Sentry now under active exploitation. \n\nRead the full analysis and protect your systems \ud83d\udc49 www.crowdsec.net/vulntracking...", "creation_timestamp": "2026-06-15T12:06:36.696940Z"}, {"uuid": "e5888e1e-0aee-4b40-b818-7b45d375ae86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3modcopftlh2z", "content": "Weekend CTI signal: not \u201cmore CVEs\u201d \u2014 prioritization caught up to exploitation.\n\nPeopleSoft CVE-2026-35273 and Ivanti Sentry CVE-2026-10520 are KEV now.\n\nIf exposed, don\u2019t treat as routine patching.\n\nHunt prior access. Lock down edge control planes. \n\n#CTI #ThreatIntel #Cybersecurity", "creation_timestamp": "2026-06-15T12:42:39.086051Z"}, {"uuid": "7ea7aef0-ccd4-47c8-9399-e96a5c0d8b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3modcoplbif2x", "content": "- Ivanti Sentry advisory: hub.ivanti.com/s/article/Se...\n- FIRST EPSS CVE-2026-10520: api.first.org/data/v1/epss...\n- VECERT Radar NoName057(16) post: x.com/VECERTRadar/...", "creation_timestamp": "2026-06-15T12:42:40.161532Z"}, {"uuid": "6811d080-58b3-4c16-9b40-90639700d118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-16)", "content": "", "creation_timestamp": "2026-06-16T00:00:00.000000Z"}, {"uuid": "e92f2d48-9c2e-4a6e-a6f7-5044ccedf511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/sen-perimetered.bsky.social/post/3moj2sy35gb2a", "content": "CVE-2026-10520 \u2014 Ivanti Sentry. Unauthenticated OS command injection \u2192 root RCE. CISA KEV deadline passed June 14. Vector: externally reachable MDM gateway. If the appliance isn't behind mTLS or Neurons for MDM, it's exposed. Patch or disconnect.", "creation_timestamp": "2026-06-17T19:37:50.416366Z"}, {"uuid": "71d522a5-0b6d-422c-a539-3ba20230d8ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3mold76bpv22p", "content": "\ud83d\udee1\ufe0f Manual T\u00e9cnico de Mitigaci\u00f3n: #Vulnerabilidades CVE-2026-10520 y CVE-2026-10523 en Ivanti Sentry www.newstecnicas.com/2026/06/manu...", "creation_timestamp": "2026-06-18T17:13:12.600303Z"}, {"uuid": "98ccf8e8-7266-4517-98e1-c5f265e49a60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "Telegram/8Dfr88XDUFolqg40-dk3HH579THhbyGT3qUr6UhOzRzysB0", "content": "", "creation_timestamp": "2026-06-10T11:00:23.000000Z"}, {"uuid": "ed455078-7da6-4596-978b-eeead4bb2d02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "Telegram/UP0bHdwN2udFarZFpAo4dW_5awpjME5BMssCjsrIyWufG1U", "content": "", "creation_timestamp": "2026-06-10T15:00:07.000000Z"}, {"uuid": "df9cbbe2-f2fe-447d-9e00-232b1e823744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "Telegram/X3d0ov_B01fXeFh1HIc4iOWU-yKPAhiRlXClKZPas190B7A", "content": "", "creation_timestamp": "2026-06-11T09:00:04.000000Z"}, {"uuid": "62ab1e8c-709d-4867-934f-d1a52ae505cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "published-proof-of-concept", "source": "Telegram/P4OAF6tyxAIVXey_izy-TP1JEXG6oDmgsdsL3rMnBYotsT0", "content": "", "creation_timestamp": "2026-06-11T15:00:06.000000Z"}, {"uuid": "6fa3cfba-2437-4de8-a92f-810773ef9da6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-18)", "content": "", "creation_timestamp": "2026-06-18T00:00:00.000000Z"}, {"uuid": "5edee708-a9f0-49a8-b0b2-bceb078e8807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mona64h35v27", "content": "Cisco, Chrome, Exchange - one week, four critical CVEs. Attackers are weaving them into chains before most teams finish patching the first.\n\nCVE-2026-10520 in Chrome.\n\nhttps://www.yazoul.net/news/article/2026-w24-weekly-threat-roundup/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-06-19T11:24:12.009213Z"}, {"uuid": "f2bc98bf-d3a3-4945-b54a-341941cc613b", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a47e58e9-cec3-49eb-a773-e90d0232fa1a", "content": "", "creation_timestamp": "2026-06-19T12:45:07.531932Z"}, {"uuid": "360bc284-0c27-48da-9ee6-8e9616159356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3moomqqrcur2t", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) labs.watchtowr.com/more-evidenc...", "creation_timestamp": "2026-06-20T00:42:02.174335Z"}, {"uuid": "7905a807-dcb5-450d-934b-e02ff6e95077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-19)", "content": "", "creation_timestamp": "2026-06-19T00:00:00.000000Z"}, {"uuid": "7e01942a-b15f-425e-a8cf-e6430c35d30f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mos63ixquk2v", "content": "\u26a0\ufe0f Four CVEs. Three breach reports. One week.\n\nCVE-2026-10520 in Chrome.\nCVE-2026-11645 in Cisco.\nCVE-2026-25089 in Exchange.\nCVE-2026-35273 in Google.\n\nhttps://www.yazoul.net/news/article/2026-w24-weekly-threat-roundup/\n\n#CyberSecurity #PatchNow", "creation_timestamp": "2026-06-21T10:30:16.253823Z"}, {"uuid": "eca191ef-e68c-4a6d-84a9-950784ad026e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mov6orc5l22z", "content": "Stood up an Ivanti Sentry honeypot for 5 days post-CISA-KEV (CVE-2026-10520). They bombarded the snot out of it...\n\none ran a toolkit, another hand-ran 362 commands and hashed their own SSH implant to confirm it stuck, another gsocket...\n\ncyfar.ca/engagements/...", "creation_timestamp": "2026-06-22T15:19:02.273324Z"}, {"uuid": "91a9916f-bdff-4af9-9f04-37692d8d2567", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0064d242-0ee1-4d90-807e-e7aa6abae62e", "content": "", "creation_timestamp": "2026-06-23T14:02:58.312059Z"}, {"uuid": "bff55132-42d1-4fd6-b080-548cc183f193", "vulnerability_lookup_origin": "c8fb6bf1-f81f-4cb8-95b1-eadbb3b54ee8", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/36e24aa2-07e7-451d-90f5-968b387cebf9", "content": "", "creation_timestamp": "2026-06-30T09:23:59.106531Z"}, {"uuid": "cc0661c8-78cd-4992-9eb3-d087872de96f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-06-29)", "content": "", "creation_timestamp": "2026-06-30T10:00:07.060096Z"}]}