Lucene search
K

6 matches found

NVD
NVD
added 2026/05/29 7:16 p.m.17 views

CVE-2026-9051

There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to privilege escalation or information disclosure. Successful exploitation requires an attacker to send...

9.3CVSS0.00623EPSS
Exploits0References1
NVD
NVD
added 2026/05/22 4:16 p.m.8 views

CVE-2026-5171

Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...

4.3CVSS0.00162EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 3:24 p.m.9 views

CVE-2026-9245

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafted login link. This issue affects : Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions...

5CVSS5.8AI score0.00169EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/22 3:24 p.m.15 views

EUVD-2026-31459

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafted login link. This issue affects : Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions...

5CVSS5.8AI score0.00169EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.11 views

EUVD-2026-29733

Improper access control in the notification management endpoints in Devolutions Server allows an unauthenticated attacker to modify or delete arbitrary user notification records via missing session validation. This issue affects the following versions : Devolutions Server 2026.1.6.0 through...

5.9AI score0.00162EPSS
Exploits0References2
CVE
CVE
added 2026/04/01 3:7 p.m.10 views

CVE-2026-4989

The CVE-2026-4989 entry describes a vulnerability in Devolutions Server where improper input validation in the gateway health check enables a low-privilege authenticated user to trigger server-side request forgery (SSRF) and potentially disclose information. Affected versions include 2026.1.1–202...

4.3CVSS5.9AI score0.00162EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder