CVE Security

Missing authorization in the entry status management feature in Devolutions Server allows a non-administrator authenticated user to bypass the adminis...

Applications


                                    CVE-2026-9251

Lire l'article

low 2.4

29/05/2026

Vulnérabilité low détectée - CVE-2026-9247

Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry w...

Applications


                                    CVE-2026-9247

Lire l'article

high 7.1

29/05/2026

Vulnérabilité high détectée - CVE-2026-7325

Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authenticat...

Applications


                                    CVE-2026-7325

Lire l'article

low 2.7

29/05/2026

Vulnérabilité low détectée - CVE-2026-8477

Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticated user wit...

Applications


                                    CVE-2026-8477

Lire l'article

high 7.6

29/05/2026

Vulnérabilité high détectée - CVE-2026-9047

Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of...

Applications


                                    CVE-2026-9047

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9223

Missing authorization in the vault import feature in Devolutions Server 2026.1.16.0 and earlier allows a low-privileged authenticated user to creat...

Applications


                                    CVE-2026-9223

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9224

Missing authorization in the user profile update feature in Devolutions Server allows an authenticated Active Directory user to modify their own profi...

Applications


                                    CVE-2026-9224

Lire l'article

medium 5

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9245

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect vic...

Applications


                                    CVE-2026-9245

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9246

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access t...

Applications


                                    CVE-2026-9246

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-5171

Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the r...

Applications


                                    CVE-2026-5171

Lire l'article

medium 6.1

29/05/2026

Vulnérabilité medium détectée - CVE-2026-27136

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in appl...

Web


                                    CVE-2026-27136

Lire l'article

critical 9.6

29/05/2026

Vulnérabilité critical détectée - CVE-2026-39821

The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example...

Applications


                                    CVE-2026-39821

Lire l'article

18 19 20 21 22