Memory Corruption Vulnerability in Secure Access Windows Clients by Absolute
CVE-2026-40951

6.8MEDIUM

Key Information:

Vendor: Absolute Software
Status: Secure Access
Vendor: CVE Published:; 30 April 2026

🔔 Create Absolute Software Vulnerability Alert

What is CVE-2026-40951?

A memory corruption vulnerability has been identified in Secure Access Windows clients, which could be exploited by attackers with local control of the system. By sending specially crafted data to an application programming interface (API), an attacker may trigger a denial of service condition, impacting system availability and user access.

Affected Version(s)

Secure Access Windows 0 < 14.50

References

https://www.absolute.com/platform/security-information/vu...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2026
Vulnerability Reserved
Apr 16, 2026

CVE-2026-40951 Data

JSON