2376 matches found
Fedora 44 : openvpn (2026-9f773ae3ce)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9f773ae3ce advisory. Update to upstream 2.7.1 release. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 43 : openvpn (2026-670067411c)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-670067411c advisory. Update to upstream OpenVPN 2.6.20. CVE-2026-40215, CVE-2026-35058. Tenable has extracted the preceding description block directly from the Fedora...
OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability
Talos Vulnerability Report TALOS-2026-2381: OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability. April 27, 2026. CVE Number: CVE-2026-35058. Summary: A reachable assertion vulnerability exists in the TLS Crypt v2 Client Key Extraction functionality of OpenVPN 2.6.x and 2.8git. A...
FreeBSD : OpenVPN -- server DOS and data leak in TLS handshake vulnerabilities (549313db-3e93-11f1-8d38-7fbbe0285610)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 549313db-3e93-11f1-8d38-7fbbe0285610 advisory. Gert Doering reports: Security fixes in 2.7.2. Tenable has extracted the preceding description...
Linux Distros Unpatched Vulnerability : CVE-2026-40215
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via...
OpenVPN OpenSource Security Vulnerability
OpenVPN OpenSource is a virtual private network communication software developed by OpenVPN Inc., based on the SSL/TLS protocol. OpenVPN OpenSource has a security vulnerability; this vulnerability stems from bypassing access restrictions through the TLS handshake, potentially leading to the readi...
Linux Distros Unpatched Vulnerability : CVE-2026-35058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows authenticated attacke...
openvpn-auth-oauth2 returns FUNC_SUCCESS on client-deny, allowing unauthenticated VPN access
Summary: When openvpn-auth-oauth2 is deployed in the experimental plugin mode (shared library loaded by OpenVPN via the plugin directive), clients that do not support WebAuth/SSO (e.g., the openvpn CLI on Linux) are incorrectly admitted to the VPN despite being denied by the authentication logic. The...
Improper Authentication
Overview: Affected versions of this package are vulnerable to Improper Authentication in the handleAuthUserPassVerify process when deployed in experimental plugin mode. An attacker can gain unauthorized VPN access by connecting with a client that does not advertise WebAuth/SSO support, thereby...
GHSA-246W-JGMQ-88FG openvpn-auth-oauth2 returns FUNC_SUCCESS on client-deny, allowing unauthenticated VPN access
Summary: When openvpn-auth-oauth2 is deployed in the experimental plugin mode (shared library loaded by OpenVPN via the plugin directive), clients that do not support WebAuth/SSO (e.g., the openvpn CLI on Linux) are incorrectly admitted to the VPN despite being denied by the authentication logic. The...
PT-2026-34452
Name of the Vulnerable Software and Affected Versions: openvpn-auth-oauth2 versions 1.26.3 through 1.27.2. Description: An authentication bypass exists when the software is deployed in experimental plugin mode. Clients that do not support WebAuth/SSO are incorrectly granted full network access witho...
PT-2026-34525
Summary: When openvpn-auth-oauth2 is deployed in the experimental plugin mode (shared library loaded by OpenVPN via the plugin directive), clients that do not support WebAuth/SSO (e.g., the openvpn CLI on Linux) are incorrectly admitted to the VPN despite being denied by the authentication logic. The...
PT-2026-36643
Name of the Vulnerable Software and Affected Versions: OpenVPN (affected versions not specified). Description: An issue exists in the tls crypt v2 extract client key function where an uncontrolled assertion is reachable. A remote attacker can trigger a denial of service by sending a suitably malformed...
OpenVPN -- server DOS and data leak in TLS handshake vulnerabilities
Gert Doering reports: Security fixes in 2.7.2: fix race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances (CVE-2026-40215); fix server termination on receiving a suitably malformed packet with a valid tls-crypt-v2 key...
CLEANSTART-2026-MW52599 OpenVPN version 2
Multiple security vulnerabilities affect the pritunl package. OpenVPN version 2. See references for individual vulnerability details...
CVE-2026-6139
A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...
CVE-2026-6139 Totolink A7100RU CGI cstecgi.cgi UploadOpenVpnCert os command injection
A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...
TOTOLINK A7100RU Operating System Command Injection Vulnerability
The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability stems from improper handling of the parameter “FileName” in the function...
CVE-2024-1490
An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may allow the execution of arbitrary shell commands enabling the attacker to run arbitrary commands on t...
CVE-2024-1490 Wago: Vulnerability in WBM through Open VPN
An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may allow the execution of arbitrary shell commands enabling the attacker to run arbitrary commands on t...