What is CVE-2026-40118?

CVE-2026-40118 is a medium-severity vulnerability in Arcserve Udp Console, classified under CWE-941. CVSS score: 6.3/10. Published 2026-04-16.

How severe is CVE-2026-40118?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Vulnerability in Arcserve Udp Console

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintenti…

EPSS: 0.000 (2.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L.

Affected products

Arcserve Udp Console — versions 10.3

Weakness classification (CWE)

CWE-941

References

support.arcserve.com/s/article/P00003790
jvn.jp/en/jp/JVN88396700/

Frequently asked questions

What is CVE-2026-40118?: CVE-2026-40118 is a medium-severity vulnerability in Arcserve Udp Console, classified under CWE-941. CVSS score: 6.3/10. Published 2026-04-16.
How severe is CVE-2026-40118?: Medium severity. CVSS v3 base score is 6.3 out of 10.