CVE-2026-4434

Description

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification.

References

• https://devolutions.net/security/advisories/DEVO-2026-0005/