Lucene search
K

4369 matches found

NVD
NVD
added 2026/06/09 4:16 p.m.8 views

CVE-2026-10523

An Authentication Bypass vulnerability CWE-288 in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access...

9.9CVSS0.4719EPSS
Exploits4References1
NVD
NVD
added 2026/06/09 4:16 p.m.10 views

CVE-2026-10727

An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root...

7.2CVSS0.01634EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 2:30 p.m.8 views

CVE-2026-10727

An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root...

7.2CVSS6AI score0.01634EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 2:30 p.m.57 views

CVE-2026-10727

Ivanti EPMM (Ivanti Endpoint Manager/Mobile EPMM) is affected by an OS command injection in versions before 12.9.0.1, 12.8.0.3, and 12.7.0.2. A remote authenticated attacker can execute arbitrary commands as root. The CVSS (3.1) vectors indicate network access, high impact on confidentiality, int...

7.2CVSS6AI score0.01634EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 2:30 p.m.33 views

CVE-2026-10727

An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root...

7.2CVSS0.01634EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 2:16 p.m.51 views

CVE-2026-10523

Technical details are not publicly available in the provided documents. Monitor for updates.

9.9CVSS5.7AI score0.4719EPSS
Exploits4References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 2:16 p.m.9 views

CVE-2026-10523

An Authentication Bypass vulnerability CWE-288 in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access...

9.9CVSS5.7AI score0.4719EPSS
Exploits4References1
Cvelist
Cvelist
added 2026/06/09 2:16 p.m.103 views

CVE-2026-10523

An Authentication Bypass vulnerability CWE-288 in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access...

9.9CVSS0.4719EPSS
Exploits4References1
CVE
CVE
added 2026/06/09 2:10 p.m.167 views

CVE-2026-10520

Ivanti Sentry (formerly MobileIron Sentry) is affected by CVE-2026-10520, an OS Command Injection vulnerability that allows an unauthenticated remote attacker to execute arbitrary commands as root. The issue resides in the ConfigServiceController via the unauthenticated POST to /mics/api/v2/sentr...

10CVSS6.3AI score0.99041EPSS
In wildExploits6References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 2:10 p.m.12 views

CVE-2026-10520

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution...

10CVSS6.3AI score0.99041EPSS
Exploits6References1
Cvelist
Cvelist
added 2026/06/09 2:10 p.m.58 views

CVE-2026-10520

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution...

10CVSS0.99041EPSS
Exploits6References1
Ivanti
Ivanti
added 2026/06/09 2:0 p.m.18 views

Security Advisory Ivanti Sentry (CVE-2026-10520, CVE-2026-10523)

Last Modified Date Jun 16, 2026 12:48:48 AM...

10CVSS7.3AI score0.99041EPSS
Exploits6
Ivanti
Ivanti
added 2026/06/09 1:58 p.m.20 views

Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-10727)

Update 11 June: FAQ Updated Summary Ivanti has released updates for Ivanti Endpoint Manager Mobile EPMM which addresses one high severity vulnerability. We are not aware of any customers being exploited by this vulnerability at the time of disclosure. Vulnerability Details CVE Number | Descriptio...

7.2CVSS6.1AI score0.01634EPSS
Exploits0
Circl
Circl
added 2026/06/09 8:30 a.m.11 views

CVE-2026-10727

creationtimestamp| type| source ---|---|--- 2026-06-09 08:30:20+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-567 2026-06-10 02:18:20+00:00| seen| https://www.acn.gov.it/portale/w/ivanti-june-security-update-1 2026-06-10 13:15:21+00:00| seen|...

7.2CVSS4.9AI score0.01634EPSS
Exploits0References4
Circl
Circl
added 2026/06/09 8:30 a.m.24 views

CVE-2026-10520

creationtimestamp| type| source ---|---|--- 2026-06-09 08:30:20+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-567 2026-06-09 20:34:10+00:00| published-proof-of-concept|...

10CVSS7.1AI score0.99041EPSS
In wildExploits6References97
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-47808

Name of the Vulnerable Software and Affected Versions Ivanti EPMM versions prior to 12.9.0.1 Ivanti EPMM versions prior to 12.8.0.3 Ivanti EPMM versions prior to 12.7.0.2 Description An OS command injection issue allows a remote authenticated attacker to execute arbitrary commands with root...

7.2CVSS6AI score0.01634EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-47807

Name of the Vulnerable Software and Affected Versions Ivanti Sentry versions prior to R10.5.2 Ivanti Sentry versions prior to R10.6.2 Ivanti Sentry versions prior to R10.7.1 Description An authentication bypass allows a remote unauthenticated attacker to create arbitrary administrative accounts a...

9.9CVSS6.2AI score0.4719EPSS
Exploits4References41
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.20 views

PT-2026-47806

Name of the Vulnerable Software and Affected Versions Ivanti Sentry versions prior to R10.5.2 Ivanti Sentry versions prior to R10.6.2 Ivanti Sentry versions prior to R10.7.1 Description An OS command injection flaw allows a remote unauthenticated user to execute arbitrary code with root privilege...

10CVSS7.8AI score0.99041EPSS
Exploits6References132
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Ivanti Sentry 操作系统命令注入漏洞

Ivanti Sentry is an online gateway provided by the American company Ivanti. It is used to manage, encrypt, and protect traffic between mobile devices and backend enterprise systems. Versions of Ivanti Sentry prior to R10.5.2, R10.6.2, and R10.7.1 contained an operating system command injection...

10CVSS6.4AI score0.99041EPSS
Exploits6References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Ivanti Sentry 安全漏洞

Ivanti Sentry is an online gateway provided by the American company Ivanti. It is used to manage, encrypt, and protect traffic between mobile devices and backend enterprise systems. There are security vulnerabilities in versions of Ivanti Sentry prior to R10.5.2, R10.6.2, and R10.7.1. These...

9.9CVSS6AI score0.4719EPSS
Exploits4References2
Rows per page
Query Builder