CVE-2026-40956
A low severity vulnerability in Secure Access clients prior to 14.55
Published: July 8, 2026
CVE-2026-40956 is a memory disclosure vulnerability in SA client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak.