Vulnerability Details CVE-2026-10544
Improper neutralization of special elements in the built-in PAM provider password rotation templates in Devolutions Server allows an authenticated user with write access to a vault to execute arbitrary commands on the systems managed by the affected PAM provider.
This issue affects :
* Devolutions Server 2026.2.4.0
* Devolutions Server 2026.1.20.0 and earlier
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.6%
CVSS Severity
CVSS v3 Score 6.5