← volver
CVE-2026-9246

CVE-2026-9246

CVSS 4.3 MEDIUMEPSS 0.2%CWE-862
Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Productos afectados
Devolutions · Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://devolutions.net/security/advisories/DEVO-2026-0013/