Vulnerability in Openvpn Ovpn-dco-win
CVE-2026-2738
Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet
EPSS: 0.001 (1.9th percentile) — read the EPSS interpretation.
Affected products
- Openvpn Ovpn-dco-win — versions 2.8.0
Weakness classification (CWE)
References
- security@openvpn.net (vendor-advisory)