
Server CVE-2026-4828

EUVD-2026-17919 HIGH
Weak Authentication (CWE-1390)
2026-04-01 DEVOLUTIONS GHSA-g894-3pcr-4hv9
8.2
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
8.2 HIGH
AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

EUVD ID Assigned
Apr 01, 2026 - 15:30 euvd
EUVD-2026-17919
Analysis Generated
Apr 01, 2026 - 15:30 vuln.today
CVE Published
Apr 01, 2026 - 14:48 nvd
HIGH 8.2

Description (CVE.org)

Improper authentication in the OAuth login functionality in Devolutions Server 2026.1.11 and earlier allows a remote attacker with valid credentials to bypass multi-factor authentication via a crafted login request.

Analysis (AI)

Devolutions Server versions 2026.1.11 and earlier allow authenticated remote attackers to bypass multi-factor authentication through improper validation of OAuth login requests, enabling account takeover without second-factor verification. CISA KEV status and exploit availability not confirmed at time of analysis.


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access
Obtain valid user credentials
Exploit
Craft malicious OAuth login request
Execution
Bypass multi-factor authentication
Impact
Gain unauthorized access to Devolutions Server

Vulnerability Assessment (AI)

Exploitation: Devolutions Server 2026.1.11 and earlier with OAuth login enabled. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment: While CVSS score is not provided, the vulnerability carries significant real-world risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario: An attacker with compromised or valid user credentials (e.g., via phishing or credential stuffing) initiates an OAuth login to Devolutions Server. Instead of completing the standard multi-factor authentication prompt, the attacker crafts a modified login request that exploits improper validation in the OAuth flow, causing the server to skip or incorrectly validate the MFA check. …
Remediation: Organizations should immediately upgrade Devolutions Server to version 2026.1.12 or later, which contains the authentication validation fix. … Detailed patch versions, workarounds, and compensating controls in full report.



CVE-2026-4828 vulnerability details – vuln.today
