Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Ivanti Sentry patch release for CVE-2026-10520 and CVE-2026-10523

Security Patch Release
First reported
Last updated
Happening score
H score 29
1 unique sources, 1 articles

Summary

Hide ▲

Ivanti released a patch bundle for Sentry after identifying two critical vulnerabilities in the secure mobile gateway appliance, including CVE-2026-10520 and CVE-2026-10523. The update addresses an OS command injection flaw that can lead to code execution as root and an authentication bypass that can let unauthenticated attackers create rogue admin accounts. Ivanti said it had no evidence of exploitation in the wild and urged administrators to upgrade to R10.5.2, R10.6.2, or R10.7.1.

Related Happenings

Redis security patch release for CVE-2026-23479

Security Patch Release
H score24 First: 03.06.2026 16:47 Last: 03.06.2026 16:47 Sources 1

About this happening: **Redis** released patched minor versions on **May 5** to fix **CVE-2026-23479**, a **use-after-free** in **blocking-client code** that can lead to **arbitrary OS command executio...

Open Happening

LiteSpeed cPanel user-end plugin urgent security update (CVE-2026-48172)

Security Patch Release
H score55 First: 27.05.2026 13:06 Last: 27.05.2026 13:06 Sources 1

About this happening: LiteSpeed released **urgent security updates** for the **cPanel user-end plugin** after **CVE-2026-48172** was found to be **actively exploited**, reducing exposure for systems ru...

Open Happening

Drupal core security update for CVE-2026-9082

Security Patch Release
H score55 First: 22.05.2026 16:14 Last: 22.05.2026 16:14 Sources 1

About this happening: **Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...

Open Happening

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
H score45 First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Open Happening

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
H score49 First: 11.05.2026 17:30 Last: 11.05.2026 17:30 Sources 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Open Happening

Timeline

  1. 10.06.2026 09:26 2 articles · 3h ago

    Ivanti patches CVE-2026-10520 and CVE-2026-10523 in Sentry

    Mitigation Patch Update

    Ivanti released Sentry versions R10.5.2, R10.6.2, and R10.7.1 to fix two critical flaws in the Sentry secure mobile gateway appliance, including CVE-2026-10520, an OS command injection issue that can enable remote code execution as root, and CVE-2026-10523, a remote authentication bypass that can let unauthenticated attackers create rogue administrative accounts and gain full administrative access. Ivanti said it had no evidence of exploitation in the wild at disclosure and advised administrators to upgrade.

    Show sources
    Open in new tab