Server 2026.2.5, 2026.1.21 allows an authenticated user to retrieve
account discovery scan results.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Devolutions | Devolutions Server | unaffected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Devolutions | Devolutions Server | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No remediation available yet.
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| https://devolutions.net/security/advisories/DEVO-2026-0017/ |
|
Tue, 16 Jun 2026 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Devolutions
Devolutions devolutions Server |
|
| Vendors & Products |
Devolutions
Devolutions devolutions Server |
Tue, 16 Jun 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper access control in PAM account discovery results in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to retrieve account discovery scan results. | |
| Weaknesses | CWE-882 | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published:
Updated: 2026-06-16T18:24:00.306Z
Reserved: 2026-06-10T15:08:21.510Z
Link: CVE-2026-11890
Vulnrichment
No data.
NVD
Status : Awaiting Analysis
Published: 2026-06-16T20:16:27.227
Modified: 2026-06-16T20:41:35.520
Link: CVE-2026-11890
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-16T20:45:02Z