Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Absolute
Secure Access

absolute secure access Vulnerabilities: CVEs, CISA KEV & Security Advisories

39 CVEs

absolute secure access Vulnerabilities

CVE security advisories and vulnerability history for secure access by absolute.

39

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

0

Public exploits

With known exploit

5.3

Avg CVSS

2024–2026

Last updated April 30, 2026

Overview

absolute secure access has 39 published CVE records since 2024, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 0 have a known public exploit. The average CVSS base score across scored CVEs is 5.3.

This page aggregates every publicly disclosed vulnerability (CVE) affecting absolute secure access, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of absolute secure access's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High6

Medium28

Low5

In CISA’s Known Exploited Vulnerabilities catalog

0

None of absolute secure access's CVEs are currently listed in CISA's KEV catalog.

Public exploits

0

No absolute secure access CVEs currently have a tracked public exploit.

Affected versions and CVEs

Browse every absolute secure access version named in a CVE, then pick one to see only the CVEs that affect it.

Fixed in

13.0610 CVEs
14.5010 CVEs
13.564 CVEs
14.104 CVEs
13.543 CVEs
14.203 CVEs
14.122 CVEs
13.071 CVE
13.551 CVE

Find a version

39 CVEs

Sort

Memory corruption in Secure Access Windows clients prior to 14.50
CVE-2026-40951
Patch
CWE-400
Medium · CVSS 6.8
EPSS 0.0% (6th pct)2026-04-30
Buffer overflow in the Secure Access server prior to 14.50
CVE-2026-40950
Patch
CWE-121
High · CVSS 7.1
EPSS 0.1% (18th pct)2026-04-30
Buffer overflow in Windows clients prior to 14.50
CVE-2026-40949
Patch
CWE-121
Medium · CVSS 6.8
EPSS 0.0% (4th pct)2026-04-30
Buffer overflow in Windows clients prior to 14.50
CVE-2026-33452
Patch
CWE-121
Medium · CVSS 5.9
EPSS 0.0% (4th pct)2026-04-30
Arbitrary read/write vulnerability in Windows clients prior to 14.50
CVE-2026-33451
Patch
CWE-125
High · CVSS 8.5
EPSS 0.0% (4th pct)2026-04-30
Out of bounds read in Secure Access MacOS clients prior to 14.50
CVE-2026-33450
Patch
CWE-125
Low · CVSS 2.3
EPSS 0.0% (12th pct)2026-04-30
Message handler buffer overflow in clients prior to 14.50
CVE-2026-33449
Patch
CWE-121
Low · CVSS 2.3
EPSS 0.1% (19th pct)2026-04-30
Format string vulnerability in MacOS clients prior to 14.50
CVE-2026-33448
Patch
CWE-200
Medium · CVSS 4.8
EPSS 0.0% (3th pct)2026-04-30
Low vulnerability · 2026-04-30
CVE-2026-33447
Patch
CWE-121
Low · CVSS 2.3
EPSS 0.1% (25th pct)2026-04-30
Buffer overflow in client authentication prior to version 14.50
CVE-2026-33446
Patch
CWE-120
Low · CVSS 2.3
EPSS 0.1% (23th pct)2026-04-30
Information Disclosure in Secure Access Between 12.70 and 14.20
CVE-2026-0519
Patch
CWE-532
Medium · CVSS 4.6
EPSS 0.0% (6th pct)2026-01-17
XSS in Secure Access Consoles prior to 14.20
CVE-2026-0518
Patch
CWE-79
Medium · CVSS 4.8
EPSS 0.1% (16th pct)2026-01-17
Denial of Service in Secure Access Servers Prior to 14.20.
CVE-2026-0517
Patch
CWE-400
Medium · CVSS 6.0
EPSS 0.0% (10th pct)2026-01-17
Medium vulnerability · 2025-11-04
CVE-2025-59596
Patch
CWE-20
Medium · CVSS 6.0
EPSS 0.0% (5th pct)2025-11-04
High vulnerability · 2025-11-04
CVE-2025-59595
Patch
CWE-20
High · CVSS 8.2
EPSS 0.1% (18th pct)2025-11-04
Cross-site Scripting vulnerability in Secure Access prior to 14.10
CVE-2025-54089
Patch
CWE-79
Medium · CVSS 4.6
EPSS 0.0% (7th pct)2025-10-02
Open Redirect in Secure Access prior to 14.10
CVE-2025-54088
Patch
CWE-601
Medium · CVSS 5.5
EPSS 0.0% (9th pct)2025-10-02
Server-side request forgery in Secure Access
CVE-2025-54087
Patch
CWE-918
Low · CVSS 1.8
EPSS 0.0% (8th pct)2025-10-02
Excess Permissions in Warehouse
CVE-2025-54086
Patch
CWE-276
Medium · CVSS 5.3
EPSS 0.0% (9th pct)2025-10-02
Permissions bypass vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.56
CVE-2025-49082
Patch
CWE-276
Medium · CVSS 5.1
EPSS 0.2% (40th pct)2025-07-30
Elevation of privilege vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.56
CVE-2025-54085
Patch
CWE-276
Medium · CVSS 5.1
EPSS 0.1% (35th pct)2025-07-30
Elevation of privilege vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.56
CVE-2025-49084
Patch
CWE-276
Medium · CVSS 5.3
EPSS 0.3% (53th pct)2025-07-30
Data deserialization vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.56
CVE-2025-49083
Patch
CWE-502
High · CVSS 7.0
EPSS 1.3% (80th pct)2025-07-30
Input validation vulnerability in the Secure Access prior to version 13.55
CVE-2025-49081
Patch
CWE-20
Medium · CVSS 6.9
EPSS 0.3% (57th pct)2025-06-12
Memory management vulnerability in Absolute Secure Access server versions 9.0 to 13.54
CVE-2025-49080
Patch
CWE-762
High · CVSS 8.7
EPSS 0.4% (61th pct)2025-06-12
Cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.54
CVE-2025-27706
Patch
CWE-79
Medium · CVSS 4.6
EPSS 0.2% (37th pct)2025-05-28
Privilege escalation in the management console of Absolute Secure Access prior to version 13.54
CVE-2025-27703
Patch
CWE-281
High · CVSS 7.0
EPSS 0.2% (48th pct)2025-05-28
Permissions bypass in the management console of Absolute Secure Access prior to version 13.54
CVE-2025-27702
Patch
CWE-284
Medium · CVSS 6.9
EPSS 0.2% (41th pct)2025-05-28
Medium vulnerability · 2024-07-25
CVE-2024-40873
Patch
CWE-79
Medium · CVSS 4.5
EPSS 0.4% (60th pct)2024-07-25
Medium vulnerability · 2024-06-20
CVE-2024-37352
Patch
CWE-79
Medium · CVSS 4.5
EPSS 0.3% (52th pct)2024-06-20

Showing 30 of 39

Common weakness types

The CWE weakness categories most often found in absolute secure access CVEs. Follow any weakness for its full explanation.

CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')13 CVEs
CWE-121Stack-based Buffer Overflow5 CVEs
CWE-276Incorrect Default Permissions4 CVEs
CWE-20Improper Input Validation4 CVEs
CWE-125Out-of-bounds Read2 CVEs
CWE-400Uncontrolled Resource Consumption2 CVEs
CWE-601URL Redirection to Untrusted Site ('Open Redirect')1 CVE
CWE-762Mismatched Memory Management Routines1 CVE

Disclosure activity by year

How many absolute secure access CVEs were published each year.

2024

11

2025

15

2026

13

Other absolute products

Browse vulnerabilities for other products by absolute.

computrace agent3 CVEs secure_access3 CVEs ctes windows agent1 CVEs persistence1 CVEs

All absolute vulnerabilities

Frequently asked questions

Common questions about absolute secure access vulnerabilities.

How many CVEs does absolute secure access have?

absolute secure access has 39 published CVE records since 2024.

How many absolute secure access CVEs are in CISA KEV?

None of absolute secure access's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for absolute secure access vulnerabilities?

No absolute secure access CVEs currently have a tracked public exploit in this dataset.

Which versions of absolute secure access are affected?

9 distinct absolute secure access versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in absolute secure access CVEs?

absolute secure access's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-121 (Stack-based Buffer Overflow), CWE-276 (Incorrect Default Permissions), CWE-20 (Improper Input Validation).

What is the average severity of absolute secure access CVEs?

The average CVSS base score across absolute secure access's scored CVEs is 5.3.

References

All absolute vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track absolute secure access vulnerabilities

Monitor new absolute secure access vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References