What is CVE-2026-0610?

A critical SQL injection vulnerability in Devolutions Server could allow attackers to compromise confidentiality, integrity, and availability. Organizations must prioritize remediation to mitigate risks associated with this vulnerability.

What is the severity of CVE-2026-0610?

CVE-2026-0610 has a severity rating of CRITICAL with a CVSS base score of 9.8.

CVE-2026-0610 | Critical Vulnerability in Devolutions Server

CVE-2026-0610 describes a critical SQL Injection vulnerability in the remote-sessions feature of Devolutions Server. This vulnerability affects versions 2025.3.1 through 2025.3.12 and carries a CVSS score of 9.8, indicating serious potential risks to organizations' systems. As a result, the urgency for remediation is high, with organizations needing to address this issue promptly to avoid exploitation.

Risk to organizations includes the potential for unauthorized access to sensitive data, manipulation of database contents, and disruption of service availability. Given that the attack vector is network-based and the complexity is low, attackers may leverage this vulnerability easily if left unaddressed.

Currently, there are no confirmed public exploits or proof-of-concept (PoC) code available, but the critical severity necessitates immediate action from organizations using affected versions of Devolutions Server. Organizations should prioritize patching immediately.

The urgency for defenders cannot be understated. With the potential impacts on confidentiality, integrity, and availability, organizations must take proactive steps to mitigate risks associated with this vulnerability.

Vulnerability Details

The vulnerability is characterized as a SQL Injection flaw, classified under CWE-89. It allows attackers to manipulate queries made to the database, potentially leading to unauthorized data access or modification. This vulnerability is particularly concerning due to its high CVSS score of 9.8, indicating a critical threat level.

Devolutions Server versions 2025.3.1 to 2025.3.12 are affected. The vulnerability was published on January 19, 2026, and has been analyzed for its impact and exploitability.

Technical Analysis

The root cause of the vulnerability is improper validation of user inputs in SQL queries, which allows attackers to inject malicious SQL code. The attack vector is network-based, with low complexity, meaning that no special conditions or privileges are needed to exploit this vulnerability.

No user interaction is required, and the impacts on confidentiality, integrity, and availability are all rated as high, making this a serious concern for organizations relying on Devolutions Server for remote sessions.

Risk & Impact Analysis

The real-world deployment risk associated with this vulnerability is significant, as it allows for potential unauthorized access to sensitive information. Organizations that utilize Devolutions Server must understand the implications this vulnerability may have on their operations.

The blast radius is potentially extensive, affecting multiple users and systems that rely on the vulnerable versions. With the CVSS score indicating critical severity, organizations should address this vulnerability in their priority patch cycle.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of Devolutions Server from 2025.3.1 to 2025.3.12 are affected by this vulnerability. Organizations should ensure they upgrade to a patched version to mitigate risks.

Mitigation & Remediation

To remediate this vulnerability, organizations should apply the latest patches provided by the vendor. If patches are not available, consider implementing additional input validation and sanitization measures for SQL queries as a temporary workaround. Regularly review and update security configurations and perform continuous security testing to identify similar vulnerabilities.

Organizations should validate remediation through continuous security testing to ensure that similar issues do not persist.

Detection Guidance

Monitor logs for anomalous database queries that indicate potential SQL Injection attempts. Implement network signatures to detect unusual traffic patterns associated with this vulnerability. Regularly review system changes to identify unauthorized modifications.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2026-0610 lies in its demonstration of how SQL Injection vulnerabilities can compromise database security at scale. Organizations should recognize the trend of increasing SQL Injection attacks and the need for robust defensive mechanisms.

This vulnerability serves as a reminder of the importance of secure coding practices. Security teams should prioritize the implementation of strong input validation measures as a fundamental aspect of application security.

For more insights on security testing best practices, organizations can refer to the penetration testing methodology that outlines effective strategies for identifying vulnerabilities.

Additionally, organizations should be aware of the evolving threat landscape and continuously adapt their security strategies to address new challenges.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2026-7704	CVE-2026-7704: Low Vulnerability in AV Stumpfl Pixera Two Media Server	LOW	Path Traversal	May 3, 2026
CVE-2026-7703	CVE-2026-7703: Medium Vulnerability in AV Stumpfl Pixera Two Media Server	MEDIUM	Injection	May 3, 2026
CVE-2026-7702	CVE-2026-7702: Medium Vulnerability in toeverything AFFiNE	MEDIUM	Improper Authorization	May 3, 2026
CVE-2026-7701	CVE-2026-7701: Low Vulnerability in Telegram Desktop	LOW	Null Pointer Dereference	May 3, 2026
CVE-2026-7700	CVE-2026-7700: Low Vulnerability in langflow-ai langflow	LOW	Injection	May 3, 2026

CVE-2026-0610: Critical Vulnerability in Devolutions Server