Arbitrary Command Execution Vulnerability in Devolutions Server by Devolutions
CVE-2026-10544
6.5MEDIUM
What is CVE-2026-10544?
A vulnerability exists in Devolutions Server stemming from improper neutralization in the PAM provider's password rotation templates. An authenticated user with write access to a vault could exploit this issue to execute arbitrary commands on the managed systems, potentially leading to unauthorized access and compromising system integrity.
Affected Version(s)
Server 2026.2.4.0
Server 0 <= 2026.1.20.0
