CVE-2026-3563

CVSS Score & Metrics

Base Score

5.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L                                    

Vulnerability Description

Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of service via a conflicting URL path.

Vulnerability Details

Published Date

March 17, 2026

Last Modified

March 18, 2026

CWE ID

CWE-1289

Source

NVD

External References

https://devolutions.net/security/advisories/DEVO-2026-0008

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment