Critical severity9.8NVD Advisory· Published Mar 3, 2026· Updated May 10, 2026
CVE-2026-2590
CVE-2026-2590
Description
Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by creating or editing certain connection types while password saving is disabled.
Affected products
2- Devolutions/Remote Desktop Managerv5Range: 0
- cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:windows:*:*Range: <=2025.3.30.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- devolutions.net/security/advisories/DEVO-2026-0005nvdVendor Advisory
News mentions
0No linked articles in our index yet.