{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6706", "assignerOrgId": "bfee16bd-18e6-446c-9a65-f5b2e3d89c23", "state": "PUBLISHED", "assignerShortName": "DEVOLUTIONS", "dateReserved": "2026-04-20T18:05:39.474Z", "datePublished": "2026-04-28T13:11:44.350Z", "dateUpdated": "2026-04-28T17:36:03.236Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "bfee16bd-18e6-446c-9a65-f5b2e3d89c23", "shortName": "DEVOLUTIONS", "dateUpdated": "2026-04-28T13:11:44.350Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-862", "description": "CWE-862: Missing Authorization", "type": "CWE"}]}], "affected": [{"vendor": "Devolutions", "product": "Server", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "2026.1.14.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper\n access control in the vault documentation feature in Devolutions Server \n2026.1.14.0 and earlier allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted API request.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<span><span><span>Improper\n access control in the vault documentation feature in Devolutions Server \n2026.1.14.0 and earlier allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted API request.</span></span></span>"}]}], "references": [{"url": "https://devolutions.net/security/advisories/DEVO-2026-0011"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-28T17:34:47.842468Z", "id": "CVE-2026-6706", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T17:36:03.236Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6706", "assignerOrgId": "bfee16bd-18e6-446c-9a65-f5b2e3d89c23", "state": "PUBLISHED", "assignerShortName": "DEVOLUTIONS", "dateReserved": "2026-04-20T18:05:39.474Z", "datePublished": "2026-04-28T13:11:44.350Z", "dateUpdated": "2026-04-28T17:36:03.236Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "bfee16bd-18e6-446c-9a65-f5b2e3d89c23", "shortName": "DEVOLUTIONS", "dateUpdated": "2026-04-28T13:11:44.350Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-862", "description": "CWE-862: Missing Authorization", "type": "CWE"}]}], "affected": [{"vendor": "Devolutions", "product": "Server", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "2026.1.14.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper\n access control in the vault documentation feature in Devolutions Server \n2026.1.14.0 and earlier allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted API request.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<span><span><span>Improper\n access control in the vault documentation feature in Devolutions Server \n2026.1.14.0 and earlier allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted API request.</span></span></span>"}]}], "references": [{"url": "https://devolutions.net/security/advisories/DEVO-2026-0011"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-6706", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-28T17:34:47.842468Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T17:35:57.734Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper\n access control in the vault documentation feature in Devolutions Server \n2026.1.14.0 and earlier allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted API request."}], "id": "CVE-2026-6706", "lastModified": "2026-04-28T20:23:20.703", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-28T14:16:14.150", "references": [{"source": "security@devolutions.net", "url": "https://devolutions.net/security/advisories/DEVO-2026-0011"}], "sourceIdentifier": "security@devolutions.net", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@devolutions.net", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2026.1.14.0]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Server", "source": "cna", "vendor": "Devolutions"}, "product": "server", "vendor": "devolutions"}], "analysis": {"en": {"generated_at": "2026-04-28T23:19:31.355974+00:00", "value": {"mitigation_remediation": ["Upgrade Devolutions Server to a version newer than 2026.1.14.0 or apply the official patch if available.", "Ensure that API access is restricted to the minimal set of vaults required for each authenticated user and that role\u2011based permissions are correctly enforced.", "Monitor API traffic for unusual requests targeting vault documentation endpoints and review audit logs for unauthorized access attempts."], "summary": {"action": "Patch", "impact": "Unauthorized read of vault documentation"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Devolutions Server, specifically all instances running the 2026.1.14.0 release or earlier. No additional affected vendors or version ranges were identified in the advisory.", "description_and_impact": "Devolutions Server versions 2026.1.14.0 and earlier contain an improper access control flaw in the vault documentation feature that allows an attacker who is already authenticated to read documentation content from vaults to which they do not have permission. The flaw is enabled via a crafted API request and results in the disclosure of potentially sensitive documentation data, compromising confidentiality of the affected vaults without affecting ownership or system availability.", "risk_and_exploitability": "The impact is limited to information disclosure; acquisition of access credentials is a prerequisite. The EPSS score is not available, and the issue is not listed in CISA's KEV catalog, suggesting that while exploitability is possible, widespread exploitation has not been observed yet. The CVSS score is 6.5, indicating a moderate severity that still warrants timely remediation."}}}}, "created": "2026-04-28T16:00:12.316291+00:00", "title": "Improper Access Control Enables Unauthorized Read of Vault Documentation via API", "updated": "2026-04-28T23:30:06.104646+00:00", "vendors": ["devolutions", "devolutions$PRODUCT$server"]}