Buffer overflow in Secureage Catchpulse
CVE-2026-15506
A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. The affected element is an unknown function in the library saappctl.sys of the component Driver. Such manipulation leads to heap-based buffer overflow. An att…
Vulnerability class: Buffer Overflow
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Secureage Catchpulse — versions 10.9.0, 10.9.1, 10.9.2
Weakness classification (CWE)
References
- cna@vuldb.com (vdb-entry)
- cna@vuldb.com (signature, permissions-required)
- cna@vuldb.com (third-party-advisory)
- cna@vuldb.com (third-party-advisory)
- cna@vuldb.com (related)
- cna@vuldb.com (exploit, media-coverage)
Frequently asked questions
- What is CVE-2026-15506?
- CVE-2026-15506 is a high-severity vulnerability in Secureage Catchpulse, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 7.8/10. Published 2026-07-12.
- How severe is CVE-2026-15506?
- High severity. CVSS v3 base score is 7.8 out of 10.