Active Exploitation of Critical Ivanti Sentry Vulnerability CVE-2026-10520 for Remote Code Execution

Attackers are actively exploiting the critical OS command injection vulnerability CVE-2026-10520 in Ivanti Sentry gateways, which allows remote code execution with root privileges. The flaw affects versions prior to R10.5.2, R10.6.2, and R10.7.1, with compromises occurring shortly after patches were released. Internet-exposed Ivanti Sentry instances are being targeted, though the exact number of compromised systems is not specified. The vulnerability is classified as maximum severity, enabling threat actors to execute arbitrary commands on unpatched devices. No specific threat groups or attack vectors were detailed in the report.