Vulnerability Brief

CVE-2026-10523

• Severity: CRITICAL
• CVSS score: 9.9

Technical summary

An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access