Frameable Content Vulnerability in Secure Access Server by Absolute
CVE-2026-40957

6.1MEDIUM

Key Information:

Vendor
CVE Published:
15 July 2026

What is CVE-2026-40957?

A frameable content vulnerability exists in the Secure Access Server's login page versions prior to 14.55, allowing attackers who control a malicious website to potentially exploit this weakness. By tricking administrators into entering credentials on their site, they can capture sensitive information. Businesses using affected versions should prioritize updates and review security measures to mitigate potential attacks.

Affected Version(s)

Secure Access 0 < 14.55

References

CVSS V4

Score:
6.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.