Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-14536

Improper enforcement of a mandatory multi-factor authentication policy in Devolutions Server 2026.2.9.0 allows an attacker with valid user credentials to bypass the MFA Required policy and authenticate without completing multi-factor authentication. The problem occurs when DVLS encounters an invalid default MFA value.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 7.7%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2026-14536


Contact Us

Shodan ® - All rights reserved