Sentry

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-10520	Ivanti Sentry	Cri	0.65	10.0	—		Jun 9, 2026	An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution
CVE-2026-10523	Ivanti Sentry	Cri	0.64	9.9	—		Jun 9, 2026	An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access

CVE-2026-10520CriJun 9, 2026
Ivanti
Sentry
risk 0.65cvss 10.0epss —
An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution
CVE-2026-10523CriJun 9, 2026
Ivanti
Sentry
risk 0.64cvss 9.9epss —
An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access