Unauthenticated RCE, Privileged Command Execution, and Availability Risk: Ivanti, SolarWinds, and Cisco

Three entries this week target the platforms organizations rely on to manage users, infrastructure, and critical workflows. Together, they demonstrate why management systems remain among the highest-value targets in enterprise environments.

Ivanti Sentry (CVE-2026-10520, deadline: June 14) continues a troubling pattern for a product line that has repeatedly attracted attacker attention. This OS command injection vulnerability allows a remote unauthenticated attacker to achieve root-level remote code execution. CISA's BOD 26-04 forensic triage requirements apply explicitly here. Do not patch and move on. Treat any unpatched Sentry instance as potentially compromised and conduct artifact collection before applying fixes. Review MDM policy push logs, administrative activity, and certificate stores for signs of persistence or lateral movement.

SolarWinds Serv-U (CVE-2026-28318, deadline: June 19) presents a different but still serious risk profile. An unauthenticated attacker can crash the Serv-U service using a malformed Content-Encoding: deflate POST request, resulting in denial of service through uncontrolled resource consumption. In environments where Serv-U facilitates regulated file transfers—HIPAA, ITAR, or FedRAMP workloads—availability loss constitutes a compliance and business continuity concern rather than merely an operational nuisance. SolarWinds remains under heightened scrutiny following prior supply chain incidents, and any evidence of exploitation activity should trigger a broader investigation beyond the immediate service disruption.

Cisco Catalyst SD-WAN Manager (CVE-2026-20245, deadline: June 23) requires authenticated local access, which moderates—but does not eliminate—the potential impact. In SD-WAN environments, "local" frequently means anyone with administrative or CLI access to a management node. Arbitrary root command execution via a crafted file means a compromised operator credential can rapidly become a full infrastructure takeover vector. Organizations should review SD-WAN Manager access logs, enforce least privilege for management accounts, preserve forensic evidence where compromise is suspected, and apply vendor guidance or updates as they become available.

Developer and AI Toolchain Exposure: Chromium, Arista EOS, and LiteLLM

The remaining entries illustrate how the attack surface continues expanding into modern development workflows, browser environments, and AI infrastructure.

Google Chromium V8 (CVE-2026-11645, deadline: June 23) carries cross-browser implications because V8 underpins Chrome, Microsoft Edge, Opera, and other Chromium-based clients. The vulnerability involves out-of-bounds memory access triggered through a crafted HTML page, enabling arbitrary code execution within the browser's sandbox. Although not itself a sandbox escape, browser compromise remains a powerful initial access vector, particularly in environments where developers and analysts interact with sensitive internal applications through web interfaces. Apply browser updates promptly and avoid relying solely on slower enterprise deployment cycles.

Arista EOS (CVE-2026-7473, deadline: June 23) exposes a subtle but potentially dangerous forwarding flaw. Affected switches may incorrectly decapsulate and forward unexpected tunneled packets destined for configured decapsulation IP addresses. In high-security environments, unexpected forwarding behavior can undermine segmentation assumptions and trust boundaries. Organizations should review tunnel interface configurations, implement vendor-recommended mitigations, and reassess reliance on topology-based access controls until vulnerable configurations are remediated.

Finally, BerriAI LiteLLM (CVE-2026-42271, deadline: June 22) highlights a newer category of operational risk that many security teams are still learning to model. The command injection vulnerability is exploitable by any authenticated user, including low-privilege internal users with valid API credentials. Because LiteLLM is frequently deployed as a proxy layer for internal AI tooling, the threat model extends beyond external adversaries to include compromised developer accounts and exposed API keys. Rotate LiteLLM credentials, audit internal-user access, and evaluate whether host-level sandboxing or container isolation can reduce blast radius until remediation is complete.

Sources: CISA KEV Catalog · CISA BOD 26-04 · Oracle Security Alerts · Ivanti Security Advisory (Sentry) · Cisco Security Advisories · Check Point Security Advisory · SolarWinds Serv-U Advisory · Google Chrome Releases · Arista Security Advisories · BerriAI LiteLLM Security Advisories