CVE-2026-3563
published 2026-03-17
Priority P4 · 30 · medium · 5.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
EPSS: 0.34% (25.9th percentile)
Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of service via a conflicting URL path.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| devolutions | powershell_universal | >= 2026.1.0 < 2026.1.4 | 2026.1.4 |
| ironmansoftware | powershell_universal | < 2026.1.4 | 2026.1.4 |
No detection rules found.
No public exploits indexed.
Wiz
CVE-2026-3563 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2026-3563 [HIGH] CVE-2026-3563 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-3563: Ironman Software PowerShell Universal vulnerability analysis and mitigation
Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of service via a conflicting URL path.
| Field | Value |
|---|---|
| Source | NVD |
| Score | 5.5 |
| Published | March 17, 2026 |
| Severity | MEDIUM |
| CNA Score | 5.5 |
| Affected Technologies | Ironman Software PowerShell Universal |
| Has Public Exploit | No |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 17.4 |
| Exploitation Probability (EPSS) | 0.1 |
Affected packages and libraries
cpe
Wiz
CVE-2026-0618 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2026-0618 [HIGH] CVE-2026-0618 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-0618: Ironman Software PowerShell Universal vulnerability analysis and mitigation
Cross-site Scripting vulnerability in Devolutions PowerShell Universal. This issue affects PowerShell Universal: before 4.5.6, before 5.6.13.
| Field | Value |
|---|---|
| Source | NVD |
| Score | 6.1 |
| Published | January 7, 2026 |
| Severity | MEDIUM |
| CNA Score | 6.1 |
| Affected Technologies | Ironman Software PowerShell Universal |
| Has Public Exploit | No |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 12.4 |
| Exploitation Probability (EPSS) | N/A |
Affected packages and libraries
cpe:2.3:a:ironmansoftware:powershell_universal
Sources
Windows Severity MEDIUM Has Fix Added at: Jan 30, 2026
Windows Severity MEDIUM Has Fix Added at: Jan 30, 2026
Wiz
CVE-2026-3277 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2026-3277 [HIGH] CVE-2026-3277 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-3277: Ironman Software PowerShell Universal vulnerability analysis and mitigation
The OpenID Connect (OIDC) authentication configuration in PowerShell Universal before 2026.1.3 stores the OIDC client secret in cleartext in the .universal/authentication.ps1 script, which allows an attacker with read access to that file to obtain the OIDC client credentials.
| Field | Value |
|---|---|
| Source | NVD |
| Score | 6.5 |
| Published | February 27, 2026 |
| Severity | MEDIUM |
| CNA Score | 5.5 |
| Affected Technologies | Ironman Software PowerShell Universal |
| Has Public Exploit | No |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 1 |
| Exploitation Probability (EPSS) | N/A |
Affected packages and libraries
cpe:2.3:a:ironmansoftware:powershell_universal
Sources
Wiz
CVE-2026-4064 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2026-4064 [HIGH] CVE-2026-4064 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-4064: Ironman Software PowerShell Universal vulnerability analysis and mitigation
Missing authorization checks on multiple gRPC service endpoints in PowerShell Universal before 2026.1.4 allows an authenticated user with any valid token to bypass role-based access controls and perform privileged operations — including reading sensitive data, creating or deleting resources, and disrupting service operations — via crafted gRPC requests.
| Field | Value |
|---|---|
| Source | NVD |
| Score | 8.3 |
| Published | March 17, 2026 |
| Severity | HIGH |
| CNA Score | 8.3 |
| Affected Technologies | Ironman Software PowerShell Universal |
| Has Public Exploit | No |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 13.7 |
| Exploitation Probability (EPSS) | N/A |
Published: 2026-03-17