CVE-2026-0610

CVE-2026-0610

Vendor Devolutions

Product Server

Weakness CWE-89 · SQLi

Published January 19, 2026

Last update January 20, 2026

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

SQL Injection vulnerability in remote-sessions in Devolutions Server.This issue affects Devolutions Server 2025.3.1 through 2025.3.12

Key dates

02Disclosure timeline

January 19, 2026 CVE published

January 20, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-0610

Related vulnerabilities

04Related CVE

CVE-2026-56068 WordPress JetEngine plugin <= 3.8.10.2 - SQL Injection vulnerability CVE-2025-32850 CVE-2026-10237 SourceCodester Water Billing Management System User Management manage_user sql injection CVE-2021-24860 BSK PDF Manager < 3.1.2 - Admin+ SQL Injection CVE-2021-21927