What is GHSA-3xh5-wf4g-97h5?

GHSA-3xh5-wf4g-97h5 is a security advisory published by GitHub Security Advisories with Medium severity. Improper access control in the permission validation component in Devolutions Server 2026.1.19...

Which CVE IDs does GHSA-3xh5-wf4g-97h5 cover?

GHSA-3xh5-wf4g-97h5 covers the following CVE IDs: CVE-2026-9590. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-3xh5-wf4g-97h5?

GHSA-3xh5-wf4g-97h5 has a CVSS v3 base score of 5.3, published by GitHub Security Advisories.

GHSA-3xh5-wf4g-97h5MediumCVSS 5.3

Improper access control in the permission validation component in Devolutions Server 2026.1.19...

Vendor

GitHub Security Advisories

Published

June 2, 2026

Last Modified

June 2, 2026

🔗 CVE IDs covered (1)

CVE-2026-9590 →

📋 Description

Improper access control in the permission validation component in Devolutions Server 2026.1.19 and earlier allows an authenticated user with entry edit privileges to modify asset information without the required permission.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-9590
https://devolutions.net/security/advisories/DEVO-2026-0014
https://github.com/advisories/GHSA-3xh5-wf4g-97h5