CVE-2026-9047 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.6 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 15%

Affected Products (NVD)

Vendor	Product	Version
devolutions	devolutions_server	2026.1.6.0 ≤ 𝑥 < 2026.1.19.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-305 - Authentication Bypass by Primary Weakness
The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

Vulnerability Media Exposure

[GERMAN] Devolutions Server: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Devolutions Server ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um Informationen offenzulegen, und um Dateien zu manipulieren.
Published: 2026-05-25T22:00:00+00:00

References

https://devolutions.net/security/advisories/DEVO-2026-0013/