CVE-2026-4989

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Improper input validation in the gateway health check feature in Devolutions Server allows a low-privileged authenticated user to perform server-side request forgery (SSRF), potentially leading to information disclosure, via a crafted API request. This issue affects Server: from 2026.1.1 through 2026.1.11, from 2025.3.1 through 2025.3.17.

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2026-4989

Affected Products

Server

CVE-2026-4989

Weakness Enumeration

Related Identifiers

Affected Products

References · 2