CVE-2026-3204

Severity CVSS v4.0:

Pending analysis

Type:

CWE-20 Input Validation

Publication date:

03/03/2026

Last modified:

03/03/2026

Description

Improper<br /> input validation in the error message page in Devolutions Server 2025.3.15 and earlier allows remote attackers to spoof the displayed error message via a specially crafted URL.

Impact

References to Advisories, Solutions, and Tools

https://devolutions.net/security/advisories/DEVO-2026-0005