Back to search
CVE-2026-4396
Published: Mar 18, 2026
Modified: Mar 18, 2026
PUBLISHED
Description
Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification.
| Vendor | Product | Versions |
|---|---|---|
Devolutions | Hub Reporting Service | affected 0 - <= 2025.3.1.1 |
Weaknesses (CWE)
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now