CVE-2026-11459
LowCVSS 3.3Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
A vulnerability has been detected in SecureAge CatchPulse up to version 10.9.3, affecting an unknown function in the library saappctl.sys of the IOCTL Handler component. Manipulation of this function leads to information disclosure.
Risk Assessment
The vulnerability requires local access to the system, which limits the risk, but information disclosure may lead to further attacks or data privacy breaches.
Recommendation
It is recommended to update SecureAge CatchPulse to the latest version to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. Impacted is an unknown function in the library saappctl.sys of the component IOCTL Handler. The manipulation leads to information disclosure. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used.

