CVE-2026-3563

Name of the Vulnerable Software and Affected Versions PowerShell Universal versions prior to 2026.1.4

Description Improper input validation in the applications and endpoints configuration allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes. This can result in unintended request routing and denial of service via a conflicting URL path. The issue affects the configuration of applications and endpoints.

Recommendations Update PowerShell Universal to version 2026.1.4 or later.