Cve-2026-10520

vulnerabilities 2026-06-16 Critical
Ivanti Sentry CVE-2026-10520: Unauthenticated Root RCE via handleMessage, Now in CISA KEV
A CVSS 10.0 OS command injection in Ivanti Sentry's unauthenticated /mics/api/v2/sentry/mics-config/handleMessage endpoint yields remote code execution as root. watchTowr published a PoC on June 10, CISA added it to KEV on June 11 with a June 14 deadline, and exploitation has followed.
ivanti mobileiron cve-2026-10520 cve-2026-10523 command-injection remote-code-execution cisa-kev edge-devices gateway

Ivanti Sentry CVE-2026-10520: Unauthenticated Root RCE via handleMessage, Now in CISA KEV