What is CVE-2026-13437?

CVE-2026-13437 is a medium-severity vulnerability in Devolutions Powershell Universal, classified under Insertion of Sensitive Information into Sent Data. CVSS score: 6.5/10. Published 2026-06-29.

How severe is CVE-2026-13437?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Devolutions Powershell Universal

CVE-2026-13437

Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, potentially higher-privileged authentication…

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Devolutions Powershell Universal — versions 2026.2.0

Weakness classification (CWE)

CWE-201 — Insertion of Sensitive Information into Sent Data

References

security@devolutions.net

Frequently asked questions

What is CVE-2026-13437?: CVE-2026-13437 is a medium-severity vulnerability in Devolutions Powershell Universal, classified under Insertion of Sensitive Information into Sent Data. CVSS score: 6.5/10. Published 2026-06-29.
How severe is CVE-2026-13437?: Medium severity. CVSS v3 base score is 6.5 out of 10.