Security Advisory

CVE-2026-9246

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-22 15:26:51

Last updated 2026-05-22 16:52:43

Assigner DEVOLUTIONS

State PUBLISHED

Description

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

← Browse all CVEs View on cve.org ↗