Vulnerability Details CVE-2026-40957
o
CVE-2026-40957 is a frameable content
vulnerability in the Secure Access server login page prior to 14.55. Attackers
with control of a malicious web site could use it to potentially steal
credentials from an unwary administrator.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 23.3%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-40957
-
cpe:2.3:a:absolute:secure_access:-
-
cpe:2.3:a:absolute:secure_access:12.00
-
cpe:2.3:a:absolute:secure_access:12.50
-
cpe:2.3:a:absolute:secure_access:12.70
-
cpe:2.3:a:absolute:secure_access:13.04
-
cpe:2.3:a:absolute:secure_access:13.05
-
cpe:2.3:a:absolute:secure_access:13.06
-
cpe:2.3:a:absolute:secure_access:13.07
-
cpe:2.3:a:absolute:secure_access:13.08
-
cpe:2.3:a:absolute:secure_access:13.54
-
cpe:2.3:a:absolute:secure_access:13.55
-
cpe:2.3:a:absolute:secure_access:13.56
-
cpe:2.3:a:absolute:secure_access:14.02
-
cpe:2.3:a:absolute:secure_access:14.10
-
cpe:2.3:a:absolute:secure_access:14.12
-
cpe:2.3:a:absolute:secure_access:14.20
-
cpe:2.3:a:absolute:secure_access:9.0