CVE-2026-33451

EUVD-2026-26423
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure 
Access Windows client prior to 14.50. Attackers with local control of 
the Windows client can send malformed data to an API and elevate their 
level of privilege to system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Affected Products (NVD)
VendorProductVersion
absolutesecure_access
𝑥
< 14.50
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2026-33451