openvpn Archives • Daily CyberSecurity

Critical OpenVPN Flaws Fix: Heap Over-Read (CVSS 9.1) and HMAC Bypass Allow DoS Attacks CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

Critical OpenVPN Flaws Fix: Heap Over-Read (CVSS 9.1) and HMAC Bypass Allow DoS Attacks

Do Son December 2, 2025

The OpenVPN project has released a crucial security update with the launch of version 2.7_rc2, addressing a...

High-Severity OpenVPN Flaw (CVE-2025-10680) Allows Script Injection on Linux/macOS via Malicious DNS Server OpenVPN Script Injection CVE-2025-10680

High-Severity OpenVPN Flaw (CVE-2025-10680) Allows Script Injection on Linux/macOS via Malicious DNS Server

Do Son October 28, 2025

Security researchers have disclosed a high-severity vulnerability, tracked as CVE-2025-10680 (CVSS 8.8), affecting OpenVPN 2.7_alpha1 through 2.7_beta1...

OpenVPN Driver Flaw: Local Users Can Crash Windows Systems via Buffer Overflow OpenVPN Driver, DoS Vulnerability

OpenVPN Driver Flaw: Local Users Can Crash Windows Systems via Buffer Overflow

Do Son June 20, 2025

A recently disclosed vulnerability, tracked as CVE-2025-50054, affects certain versions of the OpenVPN Windows kernel driver (ovpn-dco-win)...

Two sslh Flaws Disclosed: Remote DoS Attacks Possible via Protocol Multiplexer sslh Vulnerabilities, DoS Attack

Two sslh Flaws Disclosed: Remote DoS Attacks Possible via Protocol Multiplexer

Do Son June 17, 2025

In June 2025, the SUSE Security Team disclosed critical vulnerabilities in sslh, a lightweight protocol multiplexer used...

CVE-2025-2704: Critical Bug in OpenVPN Can Trigger Server Crashes

Do Son April 4, 2025

The OpenVPN community has released a critical security update — OpenVPN 2.6.14 — to patch a server-side...

CVE-2024-5594 (CVSS 9.1): Critical Vulnerability in OpenVPN Enables Code Execution CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

CVE-2024-5594 (CVSS 9.1): Critical Vulnerability in OpenVPN Enables Code Execution

Do Son January 8, 2025

The open-source VPN software OpenVPN has patched three significant vulnerabilities in OpenVPN 2.6.11, released on June 21,...

CVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys CVE-2023-46850 - CVE-2024-8474

CVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys

Do Son January 6, 2025

Popular VPN client app, OpenVPN Connect, patched a critical security flaw that could have exposed users’ private...

New Research Exposes VPN Vulnerability: Port Shadow Attacks Undermine User Privacy Port Shadow Vulnerability - VPN Security

New Research Exposes VPN Vulnerability: Port Shadow Attacks Undermine User Privacy

Do Son July 17, 2024

A new study presented at the Privacy Enhancing Technologies Symposium (PETS) 2024 has revealed a vulnerability in...

OpenVPN Addresses False Zero-Day Claims, Releases Security Patches OpenVPN Vulnerability

OpenVPN Addresses False Zero-Day Claims, Releases Security Patches

Do Son July 9, 2024

OpenVPN, a leading provider of virtual private network (VPN) solutions, has refuted claims of zero-day vulnerabilities in...

Microsoft Researcher to Unveil 4 OpenVPN Zero-Day Vulnerabilities at Black Hat USA 2024 OpenVPN Connect macOS vulnerability macOS privilege escalation fix OVPNX - OpenVPN Zero-Day

OpenVPN Connect macOS vulnerability macOS privilege escalation fix OVPNX - OpenVPN Zero-Day

Microsoft Researcher to Unveil 4 OpenVPN Zero-Day Vulnerabilities at Black Hat USA 2024

Do Son May 2, 2024

Microsoft’s Senior Security Researcher Vladimir Tokarev will detail a series of critical zero-day vulnerabilities in OpenVPN, the...

OpenVPN Patches Serious Vulnerabilities in Windows Installations OpenVPN vulnerabilities

OpenVPN Patches Serious Vulnerabilities in Windows Installations

Do Son March 24, 2024

OpenVPN has released critical security updates (version 2.6.10) to address a series of vulnerabilities in its Windows...

CVE-2023-7235: OpenVPN Vulnerability Puts Windows Users at Risk CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

CVE-2023-7235: OpenVPN Vulnerability Puts Windows Users at Risk

Do Son February 21, 2024

OpenVPN has released version 2.6.9 for Windows, Mac, and Linux, addressing a severe privilege escalation vulnerability (CVE-2023-7235)....

CVE-2023-46850: OpenVPN Access Server Flaw Exposes Sensitive Data, RCE Possible CVE-2023-46850 - CVE-2024-8474

CVE-2023-46850: OpenVPN Access Server Flaw Exposes Sensitive Data, RCE Possible

Do Son November 12, 2023

OpenVPN Access Server, a popular open-source VPN solution, has been patched to address two vulnerabilities that could...

Critical Alert 2 Active Exploits Detected Today