Ivanti: Actively-Exploited Flaw CVE-2026-10520 Added to CISA KEV

Key findings

CISA added CVE-2026-10520 to the KEV catalog on June 11, 2026, confirming active exploitation.
The flaw affects an Ivanti product; no ransomware association has been identified.
Federal agencies must remediate by the KEV deadline under BOD 22-01.
All Ivanti users should apply vendor patches immediately and monitor for compromise.

On June 11, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a single Ivanti vulnerability — CVE-2026-10520 — to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. The addition signals that defenders running Ivanti products should treat this as a priority patch event.

CVE-2026-10520 is a newly cataloged flaw in an Ivanti product. While detailed technical specifics remain under analysis, its inclusion in the KEV catalog means CISA has verified that threat actors are actively targeting this vulnerability in real-world attacks. The vulnerability carries a remediation due date for U.S. federal agencies, per Binding Operational Directive (BOD) 22-01, typically set three weeks from the KEV add-date.

No ransomware association has been flagged for this CVE, meaning it is not currently linked to known ransomware campaigns. However, active exploitation alone makes it a high-priority item for any organization using the affected Ivanti software.

Defenders should immediately identify all Ivanti deployments in their environments, apply the vendor-supplied patch or mitigation as soon as it is available, and monitor for indicators of compromise related to CVE-2026-10520. Federal agencies must remediate by the KEV deadline to maintain compliance with BOD 22-01.

Ivanti users should consult the vendor's security advisory for specific product and version details, workaround guidance, and patch availability. In the interim, organizations should review access logs for unusual activity and restrict external access to Ivanti management interfaces where feasible.