By Abinaya
Publication Date: 2026-04-08 14:54:00
A critical security bulletin highlights multiple vulnerabilities in Verify Identity Access and Security Verify Access products.
If left unpatched, these widespread security flaws could allow malicious actors to access sensitive information, escalate their system privileges, or cause a complete denial-of-service of the application.
Organizations relying on these authentication platforms must take immediate action to patch their infrastructure. A standout issue in the latest security advisory revolves around how the platform handles web traffic.
Tracked as CVE-2026-2862 and CVE-2026-1491, these HTTP request smuggling flaws arise from inconsistent reverse proxy handling and carry a CVSS score of 5.3.
By exploiting this vulnerability, a remote, unauthenticated attacker can trick the proxy server into exposing internal web traffic.
Ultimately, this inconsistency allows the attacker to silently bypass security checks and gain unauthorized access…
