Vulnerability Details CVE-2026-40955
CVE-2026-40955 is an integer underflow
vulnerability in the traffic parsing function of Secure Access clients prior to
14.55. Attackers with intimate knowledge of and total control over the tunnel
protocol can create a non-persistent DoS against their client.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 10.1%
CVSS Severity
CVSS v3 Score 3.7
Products affected by CVE-2026-40955
-
cpe:2.3:a:absolute:secure_access:-
-
cpe:2.3:a:absolute:secure_access:12.00
-
cpe:2.3:a:absolute:secure_access:12.50
-
cpe:2.3:a:absolute:secure_access:12.70
-
cpe:2.3:a:absolute:secure_access:13.04
-
cpe:2.3:a:absolute:secure_access:13.05
-
cpe:2.3:a:absolute:secure_access:13.06
-
cpe:2.3:a:absolute:secure_access:13.07
-
cpe:2.3:a:absolute:secure_access:13.08
-
cpe:2.3:a:absolute:secure_access:13.54
-
cpe:2.3:a:absolute:secure_access:13.55
-
cpe:2.3:a:absolute:secure_access:13.56
-
cpe:2.3:a:absolute:secure_access:14.02
-
cpe:2.3:a:absolute:secure_access:14.10
-
cpe:2.3:a:absolute:secure_access:14.12
-
cpe:2.3:a:absolute:secure_access:14.20
-
cpe:2.3:a:absolute:secure_access:9.0