CVE-2026-11459

CVE Database · CVE-2026-11459

CVE-2026-11459

· LOWDeferred

CVSS v3.1

3.3

CVSS v4.0

1.9

EPSS

0.13%

Published

Jun 7, 2026

Modified

Jun 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. Impacted is an unknown function in the library saappctl.sys of the component IOCTL Handler. The manipulation leads to information disclosure. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-200CWE-284

References (6)

https://github.com/Kalagious/SecureAgeExploit

https://jordanhiggins.blog/catchpulse-antivirus-exploits/

https://vuldb.com/cve/CVE-2026-11459

https://vuldb.com/submit/829131

https://vuldb.com/vuln/369078

https://vuldb.com/vuln/369078/cti

KEV Catalog EPSS Scores Vendors All CVEs