PT-2026-60289 · Absolute Security+1 · Secure Access

CVE-2026-40957

·

Published

2026-07-15

·

Updated

2026-07-15

CVSS v4.0

6.1

Medium

VectorAV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N
o   CVE-2026-40957 is a frameable content vulnerability in the Secure Access server login page prior to 14.55. Attackers with control of a malicious web site could use it to potentially steal credentials from an unwary administrator.

Fix

Clickjacking

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-40957

Affected Products

Secure Access