Unrated severityNVD Advisory· Published Mar 17, 2026· Updated Mar 17, 2026

CVE-2026-3563

Description

Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of service via a conflicting URL path.

Affected products

PowerShell Universal/PowerShell Universalllm-create
Range: <2026.1.4
Devolutions/PowerShell Universalv5
Range: 2026.1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

devolutions.net/security/advisories/DEVO-2026-0008mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000