According to Hacker News, Ivanti disclosed a critical vulnerability in its Sentry endpoint platform. CVE-2026-10520 allows unauthenticated attackers to remotely execute code on unpatched systems. Rated CVSS 10.0—the highest severity possible—a public exploit already exists and CISA lists it among actively exploited vulnerabilities. Administrators should prioritize patching immediately.

Listen to this story

Hear this and more stories in a personalized audio briefing.

Open The Chonkerton