Loading market data...
← Back to CVE feed

CVE-2026-12117

UNKNOWN View on NVD ↗

Description

Improper access control in the social login connection endpoint in Devolutions Server 2026.2.5 allows an authenticated vault member to enumerate social login entry metadata to which they are not authorized via a crafted API request.

Published: Jun 16, 2026 20:16 UTC Modified: Jun 16, 2026 20:41 UTC