Improper Access Control Vulnerability in Devolutions Server
CVE-2026-11890
4.3MEDIUM
What is CVE-2026-11890?
An improper access control vulnerability exists in Devolutions Server that allows authenticated users to access account discovery scan results. This issue may enable malicious actors to exploit sensitive information that should remain confidential and secure. It is essential for administrators to monitor access controls and implement necessary patches to mitigate potential risks associated with this vulnerability.
Affected Version(s)
Devolutions Server 0 < 2026.2.5
Devolutions Server 0 < 2026.1.21
