Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and trigger a denial of service.
AnalysisAI
Memory corruption in Absolute Secure Access Windows clients prior to version 14.50 allows local authenticated attackers to trigger denial of service by sending malformed data to an exposed API. The vulnerability requires local system access and authenticated privileges but can completely disable the security client, creating a critical availability risk for endpoint protection.
Technical ContextAI
This memory corruption vulnerability affects the Absolute Secure Access Windows client API interface. The CVE involves improper handling of malformed input data sent to a local API endpoint, causing memory safety violations classified as buffer overflow (per tags). The vulnerability is specific to the Secure Access application running on Windows endpoints and manifests through local inter-process communication or API exposure. The flaw allows memory corruption that results in availability impact (VA:H in CVSS 4.0 vector), indicating the attacker can crash or disable the service rather than execute arbitrary code.
RemediationAI
Upgrade Absolute Secure Access to version 14.50 or later on all affected Windows clients. This is the vendor-released patch that resolves the memory corruption flaw. Organizations unable to patch immediately should restrict local access to Windows systems running vulnerable Secure Access versions, disable unnecessary local API endpoints if configuration options exist, and monitor for suspicious local API calls or client process crashes that may indicate exploitation attempts. Verify patch deployment across the organization, as the vulnerability requires local authenticated access and therefore poses greatest risk in environments with high user turnover or weak endpoint access controls.
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26431