Input Validation Vulnerability in Secure Access Clients by Absolute Software
CVE-2026-40958

2.3LOW

Key Information:

Vendor
CVE Published:
15 July 2026

What is CVE-2026-40958?

An input validation error has been identified in Secure Access clients developed by Absolute Software, affecting versions prior to 14.55. This vulnerability allows attackers with deep knowledge of the tunnel protocol to exploit the flaw, potentially leading to a non-persistent Denial of Service (DoS) condition against the client. Users are encouraged to review the security implications and update to the latest version to mitigate potential risks.

Affected Version(s)

Secure Access 0 < 14.55

References

CVSS V4

Score:
2.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.