CVE-2026-2590

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

03/03/2026

Last modified:

03/03/2026

Description

Improper<br /> enforcement of the Disable password saving in vaults setting in the <br /> connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, <br /> potentially exposing sensitive information to other users, by creating <br /> or editing certain connection types while password saving is disabled.

Impact

References to Advisories, Solutions, and Tools

https://devolutions.net/security/advisories/DEVO-2026-0005