CVE-2025-3908
OpenVPN 3 Linux affected versions v20–v24 on Linux are vulnerable to a local privilege escalation where a attacker can exploit symlinks to point at an arbitrary directory, changing ownership and permissions of the destination directory. Root cause: configuration initialization tool does not valid...