CVE-2026-10787
CVE-2026-10787
Missing authorization in the deleted user groups API in Devolutions Server allows an authenticated low-privileged user to enumerate metadata of deleted user groups via a crafted API request. This issue affects : * Devolutions Server 2…
Vulnerability class: Broken Access Control