SecurityWeek

Ivanti Sentry Exploitation Attempts Hitting Honeypots

CVE-2026-10520, a critical-severity vulnerability in Ivanti Sentry, was flagged as exploited based on activity observed on ...
Cyber Daily

Alert! Experts concerned over perfect 10 Ivanti Sentry vulnerability, and hackers are already all over it

CVE-2026-10520 is looking like a nightmare for network defenders: an OS Command Injection vulnerability that could lead to ...
SecurityWeek

Critical Vulnerabilities Patched in Fortinet, Ivanti Products

Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution.
The Hacker News

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Fortinet, Ivanti, and SAP patched critical flaws up to CVSS 10.0, reducing RCE, admin takeover, and data exposure risks.
Bleeping Computer

Zyxel warns of critical OS command injection flaw in routers

Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command ...

Critical UniFi OS bug lets hackers gain root without authentication

Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root ...
techtimes

Ivanti Sentry Actively Exploited: CVSS 10.0 Flaw Backdoors Enterprise Mobile Gateways

Attackers have begun backdooring internet-exposed Ivanti Sentry appliances, the nonprofit security watchdog Shadowserver confirmed on June 11, 2026 — less than 48 hours after patches and a public ...
Dark Reading

CISA, FBI Warn of OS Command-Injection Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a critical alert urging software developers to focus on removing weaknesses that allow unauthorized users to run ...
Infosecurity-magazine.com

CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities

The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure ...