Vulnerability in Devolutions Powershell Universal
CVE-2026-3277
The OpenID Connect (OIDC) authentication configuration in PowerShell Universal before 2026.1.3 stores the OIDC client secret in cleartext in the .universal/authentication.ps1 script, which allows an attacker with read access to that file…
EPSS: 0.000 (1.4th percentile) — read the EPSS interpretation.
Affected products
- Devolutions Powershell Universal — versions 0