CVE-2026-4434

Severity CVSS v4.0:

Pending analysis

Type:

CWE-295 Improper Certificate Validation

Publication date:

20/03/2026

Last modified:

20/03/2026

Description

Improper certificate validation in the PAM propagation WinRM connections<br /> allows a network attacker to perform a man-in-the-middle attack via <br /> disabled TLS certificate verification.

Impact

References to Advisories, Solutions, and Tools

https://devolutions.net/security/advisories/DEVO-2026-0005/