Critical Alert 1 Active Exploit Detected Today

CVE-2026-10520 Ivanti Sentry OS Command Injection Vulnerability →
Powered by CVE Watchtower
×
June 12, 2026

CVE Watchtower


← Back to CVE List

CVE-2026-38615NVD

Vulnerability Summary

DedeCMS V5.7.118 is vulnerable to Command Execution in file_manage_control.php.
Severity Level
CRITICAL(9.8)
Published Date
Jun 9, 2026
Last Modified
Jun 10, 2026
Exploitation Status
????
EPSS Score (30-Day)
0.09%Probability
Root Weakness (CWE)
CWE-78: OS Command Injection β†—
The software constructs all or part of an OS command using externally-influenced input, but does not properly neutralize special elements.
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

External References