CVE-2026-14902: CWE-601 URL redirection to untrusted site ('open redirect') in ivanti Xtraction
CVE-2026-14902 is an open redirect vulnerability in Ivanti Xtraction before version 2026.2.1. It allows a remote unauthenticated attacker to redirect users to arbitrary external URLs. The…
Read the full articleYou might also wanna read

WAF - WAF Release - 2026-03-12 - Emergency
This week's release introduces new detections for vulnerabilities in Ivanti Endpoint Manager Mobile (CVE-2026-1281 and CVE-2026-1340), along
Ivanti Sentry Pre-Auth OS Command Injection (CVE-2026-10520) Allows Root-Level Remote Code Execution
Today, Ivanti published an advisory. “No way?” we hear you say. "Yes way!" Today’s advisory outlines two vulnerabilities in Ivanti’s Sentry
labs.watchtowr.com·27d agoIvanti discloses two critical vulnerabilities in Sentry mobile gateway, including max-severity unauthenticated RCE flaw
Remote, unauthenticated RCE with root privileges is about as bad as it gets

WAF - WAF Release - 2026-06-23
This week's release introduces new managed protection to address a critical pre-authentication OS command injection vulnerability in Ivanti
CVE-2026-10520: Critical Ivanti Sentry OS Command Injection Vulnerability Actively Exploited
Ivanti Sentry (formerly MobileIron Sentry) contains a pre-authentication OS command injection vulnerability (CVSS 10.0) allowing root-level
CVE-2026-48800 Bypass: Path Traversal Vulnerability Discovered in Notepad++ v8.9.6.1
## Vulnerability Summary **Product**: Notepad++ v8.9.6.1 (latest patched version) **Type**: CWE-42 (Path Traversal) / CWE-59 (Improper Link

Comments
Sign in to join the conversation.
No comments yet. Be the first.