Medium severity6.5NVD Advisory· Published Apr 28, 2026· Updated May 4, 2026
CVE-2026-6706
CVE-2026-6706
Description
Improper access control in the vault documentation feature in Devolutions Server allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted API request.
This issue affects Server: from 2026.1.6.0 through 2026.1.14.0, through 2025.3.18.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- devolutions.net/security/advisories/DEVO-2026-0011nvdVendor Advisory
News mentions
0No linked articles in our index yet.