CVE-2026-11459NVD

Vulnerability Summary

A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. Impacted is an unknown function in the library saappctl.sys of the component IOCTL Handler. The manipulation leads to information disclosure. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used.

Severity Level

LOW(3.3)

Published Date

Jun 7, 2026

Last Modified

Jun 12, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.01%Probability

Root Weakness (CWE)

N/A

CVSS v3.1 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

ScopeUnchanged

ConfidentialityLow

IntegrityNone

AvailabilityNone

External References

https://vuldb.com/vuln/369078
https://vuldb.com/vuln/369078/cti
https://vuldb.com/cve/CVE-2026-11459
https://vuldb.com/submit/829131
https://jordanhiggins.blog/catchpulse-antivirus-exploits/
https://github.com/Kalagious/SecureAgeExploit

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2026-11459NVD

Vulnerability Summary

External References