EUVD-2026-40127

Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, potentially higher-privileged authentication tokens via App Tokens serialized in plaintext in job API...

PT-2026-48887

Improper access control in Devolutions PowerShell Universal 2026.1.7 and earlier allows an unauthenticated remote attacker to obtain the OpenAPI specification of user-defined REST endpoints...

Devolutions PowerShell Universal 安全漏洞

Devolutions PowerShell Universal is a comprehensive PowerShell platform developed by the Canadian company Devolutions. Versions of Devolutions PowerShell Universal prior to 2026.1.4 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authorization checks for multipl...

CVE-2026-0618

Cross-site Scripting vulnerability in Devolutions PowerShell Universal.This issue affects Powershell Universal: before 4.5.6, before 5.6.13...

CVE-2026-0618

Cross-site Scripting vulnerability in Devolutions PowerShell Universal.This issue affects Powershell Universal: before 4.5.6, before 5.6.13...

Devolutions PowerShell Universal 安全漏洞

Devolutions PowerShell Universal is a comprehensive PowerShell platform from Devolutions Canada. A security vulnerability exists in Devolutions PowerShell Universal versions prior to 4.5.6 and prior to 5.6.13 that stems from improper input neutralization and could lead to a cross-site scripting...

PT-2026-1962

Name of the Vulnerable Software and Affected Versions Devolutions PowerShell Universal versions prior to 4.5.6 Devolutions PowerShell Universal versions prior to 5.6.13 Description A cross-site scripting issue exists in Devolutions PowerShell Universal. This allows for potential malicious code...