CVE-2026-3563

Medium CVSS: 5.5

Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of service via a conflicting URL path.

Vendor

Ironmansoftware

Product

Powershell Universal

CWE

CWE-1289

Yayın Tarihi

2026-03-17 20:16:14

Güncelleme

2026-03-19 13:04:11

Source Identifier

security@devolutions.net

KEV Date Added

Kategoriler

CWE-1289 Powershell Universal MEDIUM Ironmansoftware 2026

Referanslar

https://devolutions.net/security/advisories/DEVO-2026-0008

Benzer Kayıtlar

High

CVE-2026-4064

Missing authorization checks on multiple gRPC service endpoints in PowerShell Universal before 2026.1.4 allows an authen…

Medium

CVE-2026-3277

The OpenID Connect (OIDC) authentication configuration in PowerShell Universal before 2026.1.3 stores the OIDC client s…

Medium

CVE-2026-0618

Cross-site Scripting vulnerability in Devolutions PowerShell Universal.This issue affects Powershell Universal: before 4…