CVE-2026-40955 PUBLISHED

Integer underflow vulnerability in Secure Access clients

Assigner: Absolute
Reserved: 16.04.2026 Published: 15.07.2026 Updated: 16.07.2026

CVE-2026-40955 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CVSS Score: 2.1

Product Status

Vendor Absolute Security
Product Secure Access
Versions Default: unaffected
  • affected from 0 to 14.55 (excl.)

References