
Ivanti Sentry CVE-2026-10520 and CVE-2026-10523: Patch, Restrict, and Check WAF Coverage
Patch Ivanti Sentry CVE-2026-10520 and CVE-2026-10523, restrict appliance exposure, review admin activity, and use WAF coverage only as temporary mitigation.

Patch Ivanti Sentry CVE-2026-10520 and CVE-2026-10523, restrict appliance exposure, review admin activity, and use WAF coverage only as temporary mitigation.

Microsoft published the June 2026 Security Updates on June 9. Plan Windows, Server, IIS, RDS, Hyper-V, domain controller, and admin workstation patching with verification.

CISA added Arista EOS CVE-2026-7473 to KEV on June 9, 2026. Patch affected EOS switches, review VXLAN/GRE decapsulation exposure, and verify fabric behavior.

CISA added Cisco Catalyst SD-WAN Manager CVE-2026-20245 to KEV on June 9, 2026. Patch SD-WAN Manager, review edge configuration changes, and protect management access.

CISA added Chrome CVE-2026-11645 to KEV on June 9, 2026. Patch Chrome and Chromium-based admin browsers, restart, verify versions, and review risky sessions.

Upgrade and maintain HAProxy 3.4 LTS safely, including June 2026 HTTP/2 and HPACK CVE notes, config validation, safe reloads, and post-change checks.

Broadcom published VMSA-2026-0004 for VMware Cloud Foundation Operations and Aria Operations. Patch fixed versions, review admin roles, and verify management workflows.

CISA added LiteLLM CVE-2026-42271 to KEV on June 8, 2026. Patch AI gateways, restrict exposed proxy access, rotate keys where needed, and verify routes.

CISA added Check Point Security Gateway CVE-2026-50751 to KEV on June 8, 2026. Patch affected VPN gateways, review IKEv1 exposure, audit logs, and verify remote access.

Advanced Custom Fields: Extended CVE-2026-8809 affects versions through 0.9.2.5. Update to 0.9.2.6 or newer, then review WordPress admin users and public user forms.