CVE-2026-12162 | Improper host validation in the social login autofill featur…

Description

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain.

Metadata

CVE ID: CVE-2026-12162
State: PUBLISHED
Assigner: DEVOLUTIONS
Reserved: 2026-06-12 19:19 UTC
Published: 2026-06-15 23:56 UTC
Last updated: 2026-06-15 23:57 UTC
Vendor / Product: Devolutions / Remote Desktop Manager
Sources: cve.org · NVD

Severity & Metrics

No CVSS data available.

Affected products (1)

Vendor	Product	Platform	Versions
Devolutions	Remote Desktop Manager	—	2026.2.0 ≤ 2026.2.8

References (1)

https://devolutions.net/security/advisories/DEVO-2026-0018/