https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-12T17:08:35.843595+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/7100980c-2782-4a8b-86c2-6b0cc98be0de/export7100980c-2782-4a8b-86c2-6b0cc98be0de2026-06-12T17:08:35.849915+00:00Joseph Leehttps://cve.circl.lu/user/syspect{"uuid": "7100980c-2782-4a8b-86c2-6b0cc98be0de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10523", "type": "seen", "source": "https://www.cert.se/2026/06/patchtisdag-juni-2026-samlad-information-om-manadens-sakerhetsuppdateringar.html", "content": "", "creation_timestamp": "2026-06-10T05:00:00.000000Z"}2026-06-10T05:00:00+00:00https://vulnerability.circl.lu/sighting/9b1ee86d-8046-4ab7-b363-ca6c03dabb4a/export9b1ee86d-8046-4ab7-b363-ca6c03dabb4a2026-06-12T17:08:35.849843+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "9b1ee86d-8046-4ab7-b363-ca6c03dabb4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10523", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnw4exs6dr2l", "content": "Ivanti patched two critical Sentry flaws, including CVE-2026-10520, a max-severity command injection that could allow root code execution, and CVE-2026-10523, an auth bypass for rogue admin access. #Ivanti #Sentry #CVE202610520", "creation_timestamp": "2026-06-10T06:45:14.232406Z"}2026-06-10T06:45:14.232406+00:00https://vulnerability.circl.lu/sighting/ae0238cb-12c4-47a0-9c96-b4acd0e167dc/exportae0238cb-12c4-47a0-9c96-b4acd0e167dc2026-06-12T17:08:35.849767+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "ae0238cb-12c4-47a0-9c96-b4acd0e167dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10523", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mnwkyeuu2326", "content": "\ud83d\udea8 CISA KEV [CVSS 10.0 \u00b7 CRITICAL]\nCVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry\n\nhttps://www.rapid7.com/blog/post/etr-cve-2026-10520-cve-2026-10523-multiple-critical-vulnerabilities-affecting-ivanti-sentry\n\n#CISA #KEV #PatchNow", "creation_timestamp": "2026-06-10T11:06:36.734699Z"}2026-06-10T11:06:36.734699+00:00https://vulnerability.circl.lu/sighting/eb09ca24-d062-4395-abdf-ae2b887abb0d/exporteb09ca24-d062-4395-abdf-ae2b887abb0d2026-06-12T17:08:35.849690+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "eb09ca24-d062-4395-abdf-ae2b887abb0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10523", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnwpws6bag2b", "content": "~Certeu~\nIvanti Sentry vulnerabilities (CVE-2026-10520, CVE-2026-10523) allow unauthenticated RCE and admin access.\n-\nIOCs: CVE-2026-10520, CVE-2026-10523\n-\n#CVE202610520 #Ivanti #ThreatIntel", "creation_timestamp": "2026-06-10T12:35:12.552724Z"}2026-06-10T12:35:12.552724+00:00https://vulnerability.circl.lu/sighting/ce5528fa-2cd3-43ee-a490-b94d1b8222ab/exportce5528fa-2cd3-43ee-a490-b94d1b8222ab2026-06-12T17:08:35.849602+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "ce5528fa-2cd3-43ee-a490-b94d1b8222ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10523", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnws6kyyvj2e", "content": "\ud83d\udd17 CVE : CVE-2026-6973, CVE-2026-10520, CVE-2026-10520, CVE-2026-10523, CVE-2026-10727, CVE-2026-6973", "creation_timestamp": "2026-06-10T13:15:20.932611Z"}2026-06-10T13:15:20.932611+00:00https://vulnerability.circl.lu/sighting/10156cc9-4f92-4774-9881-ee0460beadf3/export10156cc9-4f92-4774-9881-ee0460beadf32026-06-12T17:08:35.849518+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "10156cc9-4f92-4774-9881-ee0460beadf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10523", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3mnwstvzuss2g", "content": "\ud83d\udea8 On June 9, 2026, #Ivanti published a security advisory for 2 critical vulnerabilities affecting Ivanti Sentry (FKA MobileIron Sentry).\n\nCVE-2026-10520 (CVSS 10.0) is an OS command injection vuln, and CVE-2026-10523 (CVSS 9.9) is an authentication bypass vuln.\n\nRead on: r-7.co/4arpQHd", "creation_timestamp": "2026-06-10T13:27:17.599571Z"}2026-06-10T13:27:17.599571+00:00https://vulnerability.circl.lu/sighting/1da1a54e-2043-41e6-923e-ce9481735b57/export1da1a54e-2043-41e6-923e-ce9481735b572026-06-12T17:08:35.849441+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "1da1a54e-2043-41e6-923e-ce9481735b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10523", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116726647250447781", "content": "The Hacker News: Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities https://thehackernews.com/2026/06/ivanti-fortinet-and-sap-release-patches.html @thehackernews \nPosted yesterday: \nIvanti: Security Advisory Ivanti Sentry (CVE-2026-10520, CVE-2026-10523) https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523\nOnapsis: SAP Security Notes: June 2026 Patch Day https://onapsis.com/blog/sap-security-patch-day-june-2026/ $infosec #Ivanti #vulnerability", "creation_timestamp": "2026-06-10T16:06:30.767481Z"}2026-06-10T16:06:30.767481+00:00https://vulnerability.circl.lu/sighting/d889366d-8138-4e9d-8625-2a2ba0a11668/exportd889366d-8138-4e9d-8625-2a2ba0a116682026-06-12T17:08:35.849357+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "d889366d-8138-4e9d-8625-2a2ba0a11668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10523", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mnxkrgqk6z2r", "content": "On June 9, 2026, Ivanti disclosed two critical vulnerabilities in Ivanti Sentry: CVE-2026-10520 (OS command injection, CVSS 10.0) and CVE-2026-10523 (authentication bypass, CVSS 9.9). Both allow remote unauthenticated attackers to execute commands and gain administrative access.", "creation_timestamp": "2026-06-10T20:35:23.999811Z"}2026-06-10T20:35:23.999811+00:00https://vulnerability.circl.lu/sighting/4b14a140-fff4-4e64-9838-5ba1469eea49/export4b14a140-fff4-4e64-9838-5ba1469eea492026-06-12T17:08:35.849251+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "4b14a140-fff4-4e64-9838-5ba1469eea49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10523", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0180", "content": "Ivanti heeft twee kwetsbaarheden verholpen in Sentry. De kwetsbaarheid met kenmerk CVE-2026-10520, waarvan Ivanti een CVSS-score van 10 heeft toegekend, kan een ongeauthenticeerde kwaadwillende op afstand in staat stellen willekeurige code uitvoeren met root rechten. De kwetsbaarheid met kenmerk CVE-2026-10523, die Ivanti een CVSS score van 9.9, heeft gegeven, kan door een ongeauthenticeerde kwaadwillende op afstand worden misbruikt om administratieve accounts aan te maken.\n\nMisbruik van deze kwetsbaarheden is mogelijk, maar de randvoorwaarden die nodig zijn om deze kwetsbaarheden op afstand uit te buiten, vereisen dat een managementpoort aan het internet is ontsloten. Deze randvoorwaarden zijn niet aanwezig in standaardimplementaties van Ivanti Sentry.\n\nDe kwetsbaarheden hebben Ivanti bereikt via responsible disclosure. Momenteel vindt er, voor zover bekend, geen actief misbruik van deze kwetsbaarheden plaats en is er geen publieke PoC code beschikbaar. Het NCSC verwacht echter dat dit op korte termijn zal veranderen.", "creation_timestamp": "2026-06-11T09:11:03.000000Z"}2026-06-11T09:11:03+00:00https://vulnerability.circl.lu/sighting/2d7b5918-4109-4787-afbc-d0a9282f7308/export2d7b5918-4109-4787-afbc-d0a9282f73082026-06-12T17:08:35.848104+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "2d7b5918-4109-4787-afbc-d0a9282f7308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10523", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnz2pvprxk2h", "content": "Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)\n\nIvanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities are not kn\u2026\n#hackernews #news", "creation_timestamp": "2026-06-11T10:53:32.387132Z"}2026-06-11T10:53:32.387132+00:00