CVE-2026-5175 — Improper access control in the multi-factor authentication (MFA) management API in Devolutions Server allows an authenticated attacker to delete their own configured MFA factors and reduce account pro — CVE Database · The Intelligence Room