Ivanti Sentry Patched for Critical Remote Code Execution and Authentication Bypass Flaws

Ivanti has released security patches addressing two critical vulnerabilities in its Sentry product. These flaws, identified as CVE-2026-10520 and CVE-2026-10523, could allow for unauthenticated root-level remote code execution and an authentication bypass, respectively. Although there is no evidence of active exploitation, the company strongly advises immediate patching for all affected versions due to the public release of technical details.