Description
A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. The affected element is an unknown function in the library saappctl.sys of the component Driver. Such manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. Upgrading to version 10.10.0 is sufficient to fix this issue. You should upgrade the affected component. The vendor was contacted early about this disclosure.
Problem types
Product status
10.9.1
10.9.2
10.9.3
10.10.0
Timeline
| 2026-06-29: | Countermeasure disclosed |
| 2026-07-12: | Advisory disclosed |
| 2026-07-12: | VulDB entry created |
| 2026-07-14: | VulDB entry last update |
Credits
Jordan Higgins
Jordanhiggins (VulDB User)
Jordanhiggins (VulDB User)
VulDB CNA Team
References
vuldb.com/vuln/377835 (VDB-377835 | SecureAge CatchPulse Driver saappctl.sys heap-based overflow)
vuldb.com/vuln/377835/cti (VDB-377835 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/cve/CVE-2026-15506 (CVE-2026-15506 | CVE Analysis and Report)
vuldb.com/submit/845584 (Submit #845584 | SecureAge Technology CatchPulse <10.9.3 Heap-based Buffer Overflow)
jordanhiggins.blog/catchpulse-antivirus-exploits/
github.com/Kalagious/SecureAgeExploit
youtu.be/xZqRVWlrah8