CVE Watchtower ← Back to CVE ListCVE-2025-12106NVDVulnerability SummaryInsufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addressesSeverity LevelUNKNOWNPublished DateDec 1, 2025Last ModifiedDec 1, 2025Exploitation Status????EPSS Score (30-Day)Data PendingRoot Weakness (CWE)CWE-126: Unknown/Unlisted Weakness βRefer to the official MITRE database for detailed architectural specifications regarding this weakness.External Referenceshttps://community.openvpn.net/Security%20Announcements/CVE-2025-12106https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00152.html