SecurityWeek

Critical Vulnerabilities Patched in Fortinet, Ivanti Products

Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution.
Cyber Daily

Alert! Experts concerned over perfect 10 Ivanti Sentry vulnerability, and hackers are already all over it

CVE-2026-10520 is looking like a nightmare for network defenders: an OS Command Injection vulnerability that could lead to ...
The Hacker News

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Fortinet, Ivanti, and SAP patched critical flaws up to CVSS 10.0, reducing RCE, admin takeover, and data exposure risks.
Bleeping Computer

Fortinet warns of critical command injection bug in FortiSIEM

Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through ...
ZDNet

Patch released for Fortinet command injection vulnerability

Update: In a statement to ZDNet, Fortinet criticized Rapid7 for releasing the study and said a patch would be released by the end of the month. "The security of our customers is always our first ...

Critical UniFi OS bug lets hackers gain root without authentication

Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root ...
Hosted on MSN

Critical command injection vulnerability discovered in Universal Robots PolyScope 5

Attackers can remotely execute commands on vulnerable industrial robots without requiring authentication Outdated factory robots may expose entire manufacturing networks to devastating cyberattacks ...
ZDNet

SaltStack revises partial patch for command injection, privilege escalation vulnerability

The Salt Project has issued a secondary fix for a command injection vulnerability after the first attempt to patch the issue partially failed. The vulnerability, tracked as CVE-2020-28243, impacts ...