CVE-2026-8694

MEDIUM(5.3)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Risk Signal Score18/100 — NIEDRIG

CVSS 5.3 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

5.3

Technische Schwere

Beschreibung

Improper access control in Devolutions PowerShell Universal 2026.1.7 and earlier allows an unauthenticated remote attacker to obtain the OpenAPI specification of user-defined REST endpoints.

Referenzen

https://devolutions.net/security/advisories/DEVO-2026-0016/