CVE-2026-12162

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Jun 16, 2026

Vendor unknown

Description

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain.

References

https://devolutions.net/security/advisories/DEVO-2026-0018/