Openvpn Access Server
4 CVEs affecting Openvpn Access Server. Latest disclosed: 2026-07-08. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-46850 | Critical | 9.8 | 2023-11-11 | Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a r… |
CVE-2023-46849 | High | 7.5 | 2023-11-11 | Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could… |
CVE-2025-50055 | Medium | 6.4 | 2025-10-27 | Cross-site scripting (XSS) vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML… |
CVE-2025-3110 | | 2026-07-08 | OpenVPN Access Server 2.7.2 through 3.1.0 accepts bare line-feed sequences inside HTTP header values, allowing remote attackers to perform HTTP request smuggli… |