๐Ÿ” CVE Alert

CVE-2026-13122

UNKNOWN 0.0
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

OpenVPN version 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled

CWE CWE-617
Vendor openvpn
Product openvpn
Published Jul 6, 2026
Last Updated Jul 6, 2026
Stay Ahead of the Next One

Get instant alerts for openvpn openvpn

Be the first to know when new unknown vulnerabilities affecting openvpn openvpn are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Openvpn / OpenVPN
2.6.0 โ‰ค 2.6.20 2.7_alpha1 โ‰ค 2.7.4

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
community.openvpn.net: https://community.openvpn.net/Security%20Announcements/CVE-2026-13122