CVE-2026-1768

MEDIUM 4.3

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

0th

A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15.

CWE	CWE-863
Vendor	devolutions
Product	devolutions server
Published	Feb 24, 2026
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for devolutions devolutions server

Be the first to know when new medium vulnerabilities affecting devolutions devolutions server are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Devolutions / Devolutions Server

0 < 2025.3.15

References

NVD ↗ CVE.org ↗ EPSS Data ↗

devolutions.net: https://devolutions.net/security/advisories/DEVO-2026-0004/