CVE-2026-0519

LOW

Absolute Secure Access 12.70-14.20 - Sensitive Information Exposure in Logging Subsystem

Title source: llm

Description

In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentication token to logs under certain configurations. Any party with access to those logs could read the token and reuse it to access an integrated system.

References (1)

Core 1

Core References

Vendor Advisory

https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2026-0519

Scores

CVSS v3 3.4

EPSS 0.0012

EPSS Percentile 2.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-532

Status published

Products (1)

absolute/secure_access 12.70 - 14.20

Published Jan 17, 2026

Tracked Since Feb 18, 2026