Vulnerabilities
Vulnerable Software
Openvpn:  Security Vulnerabilities
Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel
CVSS Score
9.4
EPSS Score
0.006
Published
2026-05-26
Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7_alpha1 through 2.7_rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client
CVSS Score
4.6
EPSS Score
0.006
Published
2025-12-03
Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.
CVSS Score
1.3
EPSS Score
0.002
Published
2025-12-03
Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses
CVSS Score
9.1
EPSS Score
0.005
Published
2025-12-01
Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash
CVSS Score
5.5
EPSS Score
0.002
Published
2025-06-20
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory.
CVSS Score
6.2
EPSS Score
0.002
Published
2025-05-19
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges
CVSS Score
8.8
EPSS Score
0.004
Published
2025-04-03
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase
CVSS Score
7.5
EPSS Score
0.008
Published
2025-04-02
Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-20
OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.
CVSS Score
3.3
EPSS Score
0.001
Published
2025-01-15


Contact Us

Shodan ® - All rights reserved