Low severity2.6NVD Advisory· Published May 22, 2026· Updated May 22, 2026
CVE-2026-9248
CVE-2026-9248
Description
Authorization bypass in the entry duplication feature in Devolutions Server allows an authenticated user with write access to any vault to copy documentation and attachments from an entry in a vault they cannot access via a crafted save request.
This issue affects :
- Devolutions Server 2026.1.6.0 through 2026.1.16.0
- Devolutions Server 2025.3.20.0 and earlier
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- devolutions.net/security/advisories/DEVO-2026-0013/nvdVendor Advisory
News mentions
0No linked articles in our index yet.