Buffer Overflow in Secure Access Client by Absolute
CVE-2026-33446

2.3LOW

Key Information:

Vendor

Absolute Software

Status
Secure Access
Vendor
CVE Published:
30 April 2026

What is CVE-2026-33446?

This vulnerability involves a buffer overflow in the authentication subsystem of the Secure Access client prior to version 14.50. An attacker operating a modified server could craft a specific packet that, when sent to the client, may overwrite a limited section of memory. This exploitation could result in unexpected behavior such as memory corruption, leading to potential service disruption.

Affected Version(s)

Secure Access 0 < 14.50

References

https://www.absolute.com/platform/security-information/vu...

CVSS V4

Score:
2.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.