CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-4396

Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.8%

CVSS Severity

CVSS v3 Score 8.1

References

https://devolutions.net/security/advisories/DEVO-2026-0009/

Products affected by CVE-2026-4396

Devolutions » Hub Reporting Service » Version: Any

cpe:2.3:a:devolutions:hub_reporting_service:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-4396

Products

Pricing

Contact Us