CVE-2026-3563
CVSS Score
5.5
EPSS Score
0.0%
EPSS Percentile
0th
Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of service via a conflicting URL path.
| CWE | CWE-1289 |
| Vendor | devolutions |
| Product | powershell universal |
| Published | Mar 17, 2026 |
| Last Updated | Mar 17, 2026 |
Stay Ahead of the Next One
Get instant alerts for devolutions powershell universal
Be the first to know when new medium vulnerabilities affecting devolutions powershell universal are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Devolutions / PowerShell Universal
2026.1.0 < 2026.1.4