Remote, unauthenticated RCE with root privileges is about as bad as it gets It patch time for Ivanti customers again after the security shop disclosed another two critical vulnerabilities in one of its products. Both bugs affect Ivanti Sentry, a mobile gateway that forms part of its broader unified endpoint management platform. The first and worst of the two is CVE 2026 10520 10.0, a max severity vulnerability that allows a remote, unauthenticated attacker to execute code with root...
