Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-3277
PUBLISHED
More InfoOfficial Page
Assigner-DEVOLUTIONS
Assigner Org ID-bfee16bd-18e6-446c-9a65-f5b2e3d89c23
View Known Exploited Vulnerability (KEV) details
Published At-27 Feb, 2026 | 15:11
Updated At-27 Feb, 2026 | 15:11
Rejected At-
▼CVE Numbering Authority (CNA)

The OpenID Connect (OIDC) authentication configuration in PowerShell Universal before 2026.1.3 stores the OIDC client secret in cleartext in the .universal/authentication.ps1 script, which allows an attacker with read access to that file to obtain the OIDC client credentials

Affected Products
Vendor
DevolutionsDevolutions
Product
PowerShell Universal
Default Status
unaffected
Versions
Affected
  • From 0 before 2026.1.3 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-312CWE-312 Cleartext Storage of Sensitive Information
Type: CWE
CWE ID: CWE-312
Description: CWE-312 Cleartext Storage of Sensitive Information
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://devolutions.net/security/advisories/DEVO-2026-0006
N/A
Hyperlink: https://devolutions.net/security/advisories/DEVO-2026-0006
Resource: N/A
Details not found