CVE-2026-13122
EUVD-2026-4188006.07.2026, 16:16
OpenVPN version 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabledEnginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| openvpn | openvpn | 2.6.0 ≤ 𝑥 ≤ 2.6.20 | CNA |
| openvpn | openvpn | 𝑥 ≤ 2.7.4 | CNA |
Debian Releases
Common Weakness Enumeration
Vulnerability Media Exposure