Ivanti Sentry has been hit by active exploitation attempts targeting a perfect-CVSS-10 OS command injection vulnerability (CVE-2026-10520), just one day after a public proof-of-concept exploit was released by security researchers. The flaw, along with a second critical issue (CVE-2026-10523) in its Sentry mobile gateway product on June 9, 2026, but by the following day, threat […]
The post Ivanti Command Injection Flaw Actively Exploited After PoC Release appeared first on Cyber Security News.