Supr4S2

**Name of the Vulnerable Software and Affected Versions** Devolutions Server versions prior to 2026.1.20 **Description** Improper access control in the PAM (Privileged Access Management) account discovery feature allows an authenticated user without administrative privileges to delete network discovery scan configurations. **Recommendations** Update to a version later than 2026.1.19.

**Name of the Vulnerable Software and Affected Versions** Devolutions Server versions prior to 2026.1.20 **Description** Improper access control in the permission validation component allows an authenticated user with entry edit privileges to modify asset information without the required permission. **Recommendations** Update to a version later than 2026.1.19.