CVE-2026-40951
MEDIUM WAF: Medium
CVSS 5.5
Published: 2026-04-30
CWE-400
CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and trigger a denial of service.
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| absolute | secure_access | up to 14.50 |
References
- www.absolute.com (Vendor Advisory)