2 matches found
CVE-2026-3638
creationtimestamp| type| source ---|---|--- 2026-03-09 19:30:13+00:00| seen| https://infosec.exchange/users/offseq/statuses/116200873186129950...
CVE-2026-3638
CVE-2026-3638 : Multiple sources (NVD, Red Hat, ENISA, CVE List) describe an improper access control flaw in Devolutions Server up to version 2025.3.11.0. A low-privileged, authenticated user can restore deleted users and roles via crafted API requests on the user/role restore endpoints. Document...