CVE-2026-3221

The CVE-2026-3221 entry affects Devolutions Server prior to or including 2025.3.14, where sensitive user account information is not encrypted in the database. This enables an attacker with direct database access to obtain sensitive data. The description does not specify exact data fields, affecte...

CVE-2026-3221

Sensitive user account information is not encrypted in the database in Devolutions Server 2025.3.14 and earlier, which allows an attacker with access to the database to obtain sensitive user information via direct database access...

CVE-2026-3221

Sensitive user account information is not encrypted in the database in Devolutions Server 2025.3.14 and earlier, which allows an attacker with access to the database to obtain sensitive user information via direct database access...

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.14 contained a security vulnerability; this vulnerability stemmed from the...

PT-2026-21978

Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.3.14 and earlier Description Sensitive user account information is not encrypted in the database. An attacker gaining access to the database can obtain this sensitive information through direct database access...

CVE-2026-3131

Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...

CVE-2026-3131

Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...

CVE-2026-1768

A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...

CVE-2026-1768

A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...

CVE-2026-3131

Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...

CVE-2026-3131

Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...

CVE-2026-3131

CVE-2026-3131 affects Devolutions Server 2025.3.14.0 and earlier. The issue is improper access control in multiple DVLS REST API endpoints, allowing an authenticated user with view‑only permission to access sensitive connection data. The provided documents do not include exploitation details or a...

CVE-2026-3131

Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...

CVE-2026-1768

A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...

CVE-2026-1768

CVE-2026-1768 describes a permission cache poisoning vulnerability in Devolutions Server where authenticated users can bypass permissions to access entries. Affected: Devolutions Server, prior to 2025.3.15. The description does not specify exploit details, affected components, root cause beyond a...

CVE-2026-1768

A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...

CVE-2026-1768

A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...

PT-2026-21792

Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.3.14.0 and earlier Description An issue exists in Devolutions Server where improper access control in several DVLS REST API endpoints allows an authenticated user with view-only permissions to access sensitive...

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.14.0 contained security vulnerabilities. These vulnerabilities stemmed fro...

PT-2026-21786

Name of the Vulnerable Software and Affected Versions Devolutions Server versions prior to 2025.3.15 Description An authenticated user can bypass permissions and access entries due to a permission cache poisoning issue in Devolutions Server. Recommendations Update Devolutions Server to version...