Ironman Software PowerShell Universal is a platform for building web-based IT tools, automation platforms, APIs, and processes using PowerShell. It allows you to run scripts, schedule PowerShell jobs, and create dashboards. With REST APIs and authentication features, PowerShell Universal provides secure and controlled execution of your scripts.

Ironman Software PowerShell Universal

Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of service via a conflicting URL path.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2024-50616	HIGH	8.8	Ironman Software PowerShell Universal	cpe:2.3:a:ironmansoftware:powershell_universal	No	Yes	Oct 27, 2024
CVE-2026-4064	HIGH	8.3	Ironman Software PowerShell Universal	cpe:2.3:a:ironmansoftware:powershell_universal	No	Yes	Mar 17, 2026
CVE-2026-3277	MEDIUM	6.5	Ironman Software PowerShell Universal	cpe:2.3:a:ironmansoftware:powershell_universal	No	Yes	Feb 27, 2026
CVE-2026-0618	MEDIUM	6.1	Ironman Software PowerShell Universal	cpe:2.3:a:ironmansoftware:powershell_universal	No	Yes	Jan 07, 2026
CVE-2026-3563	MEDIUM	5.5	Ironman Software PowerShell Universal	cpe:2.3:a:ironmansoftware:powershell_universal	No	Yes	Mar 17, 2026

CVE-2026-3563:
Ironman Software PowerShell Universal vulnerability analysis and mitigation

5.5

Related Ironman Software PowerShell Universal vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-3563: Ironman Software PowerShell Universal vulnerability analysis and mitigation