CVE-2026-3221

← CVEs

MED 4.9

Published

2026-02-25

Last Modified

2026-02-28

Affected Apps

Affected Devices

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Sensitive user account information is not encrypted in the database in Devolutions Server 2025.3.14 and earlier, which allows an attacker with access to the database to obtain sensitive user information via direct database access.

Affected Applications in Environment 2

Remote Desktop Manager v2025.3.6.7

1 device

server v1.0.0.0

1 device

Affected Devices 2

EBB107-01 Windows mdm-mbp16-5.local Mac

References 1

https://devolutions.net/security/advisories/DEVO-2026-0004/