This week’s release introduces new managed protection to address a critical pre-authentication OS command injection vulnerability in Ivanti Sentry (CVE-2026-10520).
Key Findings
- CVE-2026-10520: An OS command injection vulnerability in Ivanti Sentry allows remote, unauthenticated attackers to execute arbitrary system commands with root privileges. The flaw stems from improper sanitization of input strings parsed during internal configuration handling.
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | 500a90789f874345b60b0de7242fdf83 | N/A | Ivanti Sentry – Command Injection – CVE:CVE-2026-10520 | Log | Block | This is a new detection. |
Source: Cloudflare
Latest Posts
- MC1428090: Microsoft 365 Apps Releases Updates for Current, Monthly Enterprise, and Semi-Annual Channels

- MC1422074: Microsoft 365 Copilot Adds Admin Control for OpenAI-Operated Models Including GPT-5.6

- Amazon Redshift Serverless now preserves zero-ETL and Amazon S3 event integrations during snapshot restores

- AWS Partner Central introduces Partner Lead Prospecting





![(Updated) Microsoft Teams: Digital signage support for Teams panels [MC1311979] 6 (Updated) Microsoft Teams: Digital signage support for Teams panels [MC1311979]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-pixabay-301599-150x150.webp)