CVE-2026-1007

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

19/01/2026

Last modified:

19/01/2026

Description

Incorrect Authorization vulnerability in virtual gateway component in Devolutions Server allows attackers to bypass deny IP rules.This issue affects Server: from 2025.3.1 through 2025.3.12.

Impact

References to Advisories, Solutions, and Tools

https://devolutions.net/security/advisories/DEVO-2026-0003/