CISA Adds One Known Exploited Vulnerability to Catalog
Summary
CISA has added CVE-2026-10520, an Ivanti Sentry OS Command Injection Vulnerability, to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. This action is in line with Binding Operational Directive (BOD) 26-04, which mandates that federal agencies prioritize the remediation of high-risk vulnerabilities listed in the KEV catalog.
IFF Assessment
The addition of a known exploited vulnerability to CISA's catalog, together with the directive for agencies to prioritize its remediation, indicates a new threat that must be addressed, making it bad news for defenders.
Severity
CISA KEV: Listed as actively exploited. Federal patch due: June 14, 2026. Known ransomware use: Unknown.
Defender Context
Defenders need to be aware of CVE-2026-10520, as it is being actively exploited and has been added to CISA's KEV catalog. Organizations, especially federal agencies, must prioritize patching this vulnerability to mitigate the risks associated with OS command injection attacks.