Vulnerability in Strongswan Strongman
CVE-2026-25998
strongMan is a management interface for strongSwan, an OpenSource IPsec-based VPN. When storing credentials in the database (private keys, EAP secrets), strongMan encrypts the corresponding database fields. So far it used AES in CTR mode w…
EPSS: 0.000 (8.4th percentile) — read the EPSS interpretation.
Affected products
- Strongswan Strongman — versions < 0.2.0
Weakness classification (CWE)
References
- https://github.com/strongswan/strongMan/security/advisories/GHSA-88w4-jv97-c8xr (x_refsource_CONFIRM)