Integer Underflow Vulnerability in Secure Access Clients by Absolute
CVE-2026-40954

2.1LOW

Key Information:

Vendor
CVE Published:
15 July 2026

What is CVE-2026-40954?

An integer underflow vulnerability exists in the traffic parsing function of Secure Access clients prior to version 14.55. This flaw can be exploited by attackers who have deep knowledge and control over the tunnel protocol, enabling them to potentially create a non-persistent Denial of Service (DoS) condition against affected clients. As a result, this vulnerability poses a risk to the availability and stability of the application.

Affected Version(s)

Secure Access 0 < 14.55

References

CVSS V4

Score:
2.1
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.