Security Advisory

CVE-2026-9047

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-22 15:18:39

Last updated 2026-05-22 16:58:40

Assigner DEVOLUTIONS

State PUBLISHED

Description

Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of a users password to bypass the users multi-factor authentication after the user reconfigures their factors. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0

← Browse all CVEs View on cve.org ↗