Unrated severityNVD Advisory· Published Jul 22, 2025· Updated Nov 25, 2025

CVE-2025-6741

Description

Improper access control in secure message component in Devolutions Server allows an authenticated user to steal unauthorized entries via the secure message entry attachment feature

This issue affects the following versions :

* Devolutions Server 2025.2.2.0 through 2025.2.4.0 * Devolutions Server 2025.1.11.0 and earlier

Affected products

Devolutions/Devolutions Serverllm-fuzzy
Range: <=2025.1.11.0
Devolutions/Serverv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

devolutions.net/security/advisories/DEVO-2025-0012/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000