Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-10696
PUBLISHED
More InfoOfficial Page
Assigner-DEVOLUTIONS
Assigner Org ID-bfee16bd-18e6-446c-9a65-f5b2e3d89c23
View Known Exploited Vulnerability (KEV) details
Published At-17 Jun, 2026 | 18:43
Updated At-17 Jun, 2026 | 19:39
Rejected At-
▼CVE Numbering Authority (CNA)

Use of an incorrectly resolved name or reference in the pinget backend in Devolutions UniGetUI 2026.2.0 and earlier allows a WinGet community catalog contributor to cause an installed application to be correlated to an unrelated, attacker-controlled catalog package and to execute an attacker-controlled installer via a crafted catalog package whose normalized name is contained as a substring within the installed application name when a user applies the proposed update.

Affected Products
Vendor
DevolutionsDevolutions
Product
UniGetUI
Default Status
unaffected
Versions
Affected
  • From 0 through 2026.2.1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-706CWE-706
Type: CWE
CWE ID: CWE-706
Description: CWE-706
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://devolutions.net/security/advisories/DEVO-2026-0019
N/A
Hyperlink: https://devolutions.net/security/advisories/DEVO-2026-0019
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Details not found