CVE-2026-12161
CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
0th
Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alternate username and user interaction with the Elevate Shell action.
| CWE | CWE-78 |
| Vendor | devolutions |
| Product | remote desktop manager |
| Published | Jun 15, 2026 |
| Last Updated | Jun 16, 2026 |
Stay Ahead of the Next One
Get instant alerts for devolutions remote desktop manager
Be the first to know when new high vulnerabilities affecting devolutions remote desktop manager are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Devolutions / Remote Desktop Manager
0 โค 2026.2.7