Denial of Service Vulnerability in Devolutions Server by Devolutions
CVE-2025-11958

4.1 MEDIUM

Key Information:

Status
Vendor
CVE Published: 22 October 2025

What is CVE-2025-11958?

Devolutions Server contains an improper input validation vulnerability in the Security Dashboard's ignored-tasks API. An authenticated user can submit crafted requests to this API that cause a denial of service, affecting the availability of the Security Dashboard. Users of Devolutions Server versions 2025.2.15.0 and earlier should address this issue promptly to protect their systems against service disruption.

Affected Version(s)

Server: versions up to and including 2025.2.15.0

CVSS V3.1

Score: 4.1
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
