cbcvebase.
CVE-2026-7431
published 2026-05-12

CVE-2026-7431: An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify…

PriorityP420medium4.4CVSS 3.1
AVLACLPRLUINSUCLILAN
EPSS
0.18%
7.3th percentile
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section.

Affected

2 ranges
VendorProductVersion rangeFixed in
ivantisecure_access_client<= 22.7
ivantisecure_access_client
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.