Severity by source
NVD (primary rating; the only source for this CVE): CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Description (CVE.org)
Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification.
Analysis (AI)
Devolutions Server contains an improper certificate validation vulnerability in its PAM propagation WinRM connections that allows network attackers to conduct man-in-the-middle (MITM) attacks by exploiting disabled TLS certificate verification. This vulnerability affects Devolutions Server versions prior to 2026.1, enabling attackers positioned on the network path to intercept and manipulate WinRM communications without detection. …
Vulnerability Assessment (AI)

| Section | Assessment |
|---|---|
| Exploitation | Requires WinRM PAM propagation connections configured with TLS certificate verification disabled. … |
| Risk Assessment | This vulnerability presents a high real-world risk despite the absence of a CVSS score in the provided data. … |
| Exploit Scenario | An attacker positioned on the network between a Devolutions Server instance and target Windows systems (e.g., via compromised network infrastructure, ARP spoofing, or DNS hijacking) intercepts WinRM connections initiated by Devolutions Server for PAM credential propagation. Because certificate validation is disabled, the attacker presents a self-signed certificate that is accepted without verification. … |
| Remediation | Immediately upgrade Devolutions Server to version 2026.1 or later, which includes the certificate validation fix. … |
Recommended Action (AI)
Within 24 hours: Inventory all Devolutions Server instances and identify versions prior to 2026.1; document current version numbers and deployment scope. …
Weakness: CWE-295 – Improper Certificate Validation
Technique: Information Disclosure
EUVD-2026-13688