Vulnerability in Thales Safenet Agent For Windows Logon
CVE-2026-0872
Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.
Vulnerability class: Improper Certificate Validation
EPSS: 0.002 (8.1th percentile) — read the EPSS interpretation.
Affected products
- Thales Safenet Agent For Windows Logon — versions 4.0.0, 4.1.1, 4.1.2
Weakness classification (CWE)
References
- psirt@thalesgroup.com (mitigation)
- psirt@thalesgroup.com (vendor-advisory)