Threat actors have begun actively exploiting a critical Ivanti Sentry command injection vulnerability just days after a proof-of-concept (PoC) exploit was made public, according to new internet scanning data from the Shadowserver Foundation. The flaw, tracked as CVE-2026-10520, carries a maximum CVSS score of 10.0 and allows remote, unauthenticated attackers to achieve root-level remote code […]
The post Ivanti Command Injection Vulnerability Exploited in Attacks Following PoC Release appeared first on Cyber Security News.