Multiple Vulnerabilities Addressed in Secure Access 14.50 and Insights for Network 4.40

Published: April 29, 2026

Secure Access 14.50

Secure Access 14.50 is a feature release for the server and all clients that adds significant new functionality, addresses several quality-of-life issues, fixes ten security vulnerabilities in Secure Access, and addresses third-party CVEs in Node.js, Corretto, and Jersey.

The highest CVSS 4.0 score for the vulnerabilities is 8.5 – High

Absolute recommends that Secure Access customers schedule a maintenance window for servers and clients and update to 14.50.

For descriptions of the Secure Access vulnerabilities, refer to the links at the bottom of this page.

For all other changes in this Secure Access release, visit the Absolute Community at: Secure Access 14.50 release notes.

For more information, contact securityresponse@absolute.com or nm-support@absolute.com.

Absolute CVEs for Secure Access 14.50:

Third-party CVEs addressed in Secure Access 14.50:

CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2025-55130, CVE-2025-12383, CVE-2025-53057, CVE-2025-53066

‍

Insights for Network 4.40:

Insights for Network 4.40 is a general maintenance release that addresses twelve third-party security issues in Insights for Network.

The highest CVSS 4.0 score for the vulnerabilities is 8.7 – High

Absolute recommends that customers schedule a maintenance window to update their Insights for Network deployment to 4.40.

Third-party CVEs addressed in Insights for Network 4.40:

CVE-2025-14847, CVE-2026-20163, CVE-2026-20140, CVE-2026-20143, CVE-2026-25639, CVE-2026-20164, CVE-2025-13465, CVE-2026-20165, CVE-2026-20162, CVE-2026-20166, CVE-2026-20141, CVE-2026-20139

For all other changes in this Insights for Network release, visit the Absolute Community at: Insights for Network 4.40 release notes

For all customers: The attacks can be mitigated by installing the updates from the downloads section of the Absolute Community.