EUVD-2026-30105

A server-side request forgery SSRF vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service DoS condition. Panorama, Cloud NGFW and...

EUVD-2026-30064

A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service DoS condition. Panorama, Cloud NGFW, and Prisma® Access...

CVE-2026-0258

A server-side request forgery SSRF vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service DoS condition. Panorama, Cloud NGFW and...

CVE-2026-25075

The CVE-2026-25075 issue is an integer underflow in strongSwan’s EAP-TTLS AVP parser affecting versions 4.5.0 through 6.0.4, which can crash the charon IKE daemon (DoS) via crafted AVP length fields during IKEv2 authentication. Mitigation: upgrade to strongSwan 6.0.5 or later (as confirmed by Mag...

EUVD-2026-9430

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere in the network. This...

CVE-2026-20015

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the network. This...

CVE-2026-20049

A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...

PT-2026-22973

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the network. This...

VulnCheck KEV: CVE-2025-14733

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...

EUVD-2025-201298

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service DoS condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware O...

CVE-2025-11838

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service DoS condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware O...

Brave Desktop 1.85.111 Security Fixes

Improved IKEv2 VPN configuration parameters on Windows. - Enabled WASM Interpreter when JIT is disabled. Upgraded Chromium to 143.0.7499.40 — refer to Google Chrome advisories for inherited CVEs...

EUVD-2025-24877

Malicious code in bioql PyPI...

CVE-2025-9242

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...

CVE-2025-9242 WatchGuard Firebox iked Out of Bounds Write Vulnerability

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...

CVE-2025-20182

A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALIDSPI is sent back. The notify payload's protocol ID is copied from...

SonicWALL SonicOS 安全漏洞

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS that stems from an integer buffer overflow vulnerability via IPSec, which can be exploited by remote attackers to cause a denial of...

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALIDSPI is sent back. The notify payload's protocol ID is copied from...

TheGreenBow Windows Certified VPN Client 安全漏洞

TheGreenBow Windows Certified VPN Client is a client VPN from TheGreenBow. A security vulnerability exists in TheGreenBow Windows Certified VPN Client. A remote attacker could exploit the vulnerability to execute arbitrary code via the IKEv2 authentication phase...