PT-2026-60286 · Absolute Security+1 · Secure Access

Published

2026-07-15

·

Updated

2026-07-15

·

CVE-2026-40954

CVSS v3.1

3.7

Low

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2026-40954 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client

Fix

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-40954

Affected Products

Secure Access