Briefing Zero-days CVEs IOCs NewsActors Vendors Licenses Help

⌘+KWorkspace→

Real-time security intelligence — KEV, CVEs, exploits, threat actors and IOCs unified into one live view.

Sources Status API docs Licenses Help Security disclosure

Built by Kiril Urbonas

ZeroDayAttack — AppSec intelligence aggregator

50 results

For "ivanti" across CVEs, vendor advisories, threat actors, IOCs, security research, and news.

All50 Vulnerabilities38 Threat actors0 Vendor advisories0 Research7 News5 IOCs0

Research

rapid7
CVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry
Overview On June 9, 2026, Ivanti published a security advisory for two critical vulnerabilities affecting Ivanti Sentry (formerly known as MobileIron Sentry), which per the vendor website is an "in-line gateway that manages, encrypts, and s
CVE-2026-10520 · CVE-2026-10523 · CVE-2023-38035 · CVE-2020-15505
3 d ago
redditnetsec
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs

submitted by /u/dx7r__ [link] [comments]

CVE-2026-10520

3 d ago

wiz

Ivanti EPMM RCE Vulnerability Chain Exploited in the Wild

Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-4427 and CVE-2025-4428, the latest vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM).

CVE-2025-4427 · CVE-2025-4428

2025-05-20

assetnote

High Signal Detection and Exploitation of Ivanti's Pulse Connect Secure Auth Bypass & RCE

Last week, Ivanti disclosed two critical vulnerabilities affecting Ivanti Pulse Connect Secure - CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Remote Command Execution).

CVE-2023-46805 · CVE-2024-21887

2025-02-12

assetnote

Ivanti's Pulse Connect Secure Auth Bypass Round Two

The Ivanti excitement continues! After an authentication bypass and command injection to kick off the year, Ivanti are following with a second authentication bypass and a privilege escalation. On January 22 Ivanti released this advisory des

CVE-2024-21888 · CVE-2024-21893

2025-02-12

wiz

CVE-2025-0282 and CVE-2025-0283: Critical Ivanti 0days Exploited in the Wild

Detect and mitigate CVE-2025-0282, a critical RCE vulnerability in Ivanti Connect Secure and CVE-2025-0283, exploited as 0day vulnerabilities in the wild. Organizations should patch urgently.

CVE-2025-0282 · CVE-2025-0283

2025-01-09

wiz

Critical Vulnerabilities in Ivanti Exploited in-the-Wild: everything you need to know

Detect and mitigate CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893, critical vulnerabilities in Ivanti VPN products. Organizations should patch urgently, and government agencies are instructed to isolate Ivanti VPN instan

CVE-2023-46805 · CVE-2024-21887 · CVE-2024-21888 · CVE-2024-21893

2024-02-06