← ExploitWatch
HomeExploited Vulnerabilities

CVE-2026-10520 — Actively Exploited: Sentry (Ivanti)

Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level remote code execution. This vulnerability can be successfully exploited in cases where the Sentry appliance is in an unmanaged state with its endpoints

CVE IDCVE-2026-10520
VendorIvanti
ProductSentry
Vulnerability nameIvanti Sentry OS Command Injection Vulnerability
Date added2026-06-11
Remediation due2026-06-14
Known ransomware useUnknown
Required actionApply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discon
DescriptionIvanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level remote code execution. This vulnerability can be successfully exploited in cases where the Sentry appliance is in an unmanaged state with its endpoints externally reachable. The use of mTLS with EPMM or restricted HTTPS access thro
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →