CVE-2026-38704

A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...

GO-2025-3979 Omni Wireguard SideroLink potential escape in github.com/siderolabs/omni

Omni Wireguard SideroLink potential escape in github.com/siderolabs/omni...

EUVD-2021-33526

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-46873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a...

CVE-2024-28250

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...

CVE-2022-49153

CVE-2022-49153 affects the Linux kernel via the wireguard path: when sending to a peer, skb memory is not freed if IPv6 is disabled, causing a memory leak. The root cause is missing kfree_skb() in the send6() handling within wg_socket_send_buffer_to_peer/..send_buffer_to_peer() and related code p...

The vulnerability of the WireGuard component in the Linux operating system’s kernel allows a hacker to increase their privileges within the system.

The vulnerability of the WireGuard component in the Linux operating system’s kernel is related to errors that occur during the execution of the wggetdevicedump function after it is enabled. Exploiting this vulnerability can allow an attacker to gain increased privileges within the system...

The vulnerability of the WireGuard component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the WireGuard component in the Linux operating system’s kernel is related to the assignment of the NULL pointer in the getpeer function. Exploiting this vulnerability can allow a hacker to trigger a service failure...

CVE-2024-42247 wireguard: allowedips: avoid unaligned 64-bit memory accesses

In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swapendian tries to load a 128-bit IPv6 address from an unaligned memory location: Kernel: unaligned...

WireGuard Security Vulnerabilities

WireGuard is an open source VPN program and protocol from the individual developer Jason A. Donenfeld. A security vulnerability exists in WireGuard version 0.5.3 that originates from an insecure configuration of the operating system and firewall that results in the blocking of traffic to a local...

CVE-2021-46873

WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...

PT-2022-34817 · Wireguard +1 · Wireguard +1

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.71 Description: The issue concerns a potential security vulnerability in the netlink component of WireGuard, related to a variable-sized memcpy on sockaddr. The actual impact and attack plausibility have n...

PT-2022-33873 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Wireguard versions prior to v5.15.61 Description: The issue is related to the allowedips feature in Wireguard, where a potential stack corruption can occur when detecting an overflow. The actual impact and attack plausibility have not yet bee...