CVE-2026-13698
EUVD-2026-4187706.07.2026, 15:16
A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers with a valid tls-crypt-v2 client key to potentially cause a denial of serviceEnginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| openvpn | openvpn | 2.5.0 ≤ 𝑥 ≤ 2.5.11 | CNA |
| openvpn | openvpn | 2.6.0 ≤ 𝑥 ≤ 2.6.20 | CNA |
| openvpn | openvpn | 𝑥 ≤ 2.7.4 | CNA |
Debian Releases
Common Weakness Enumeration
Vulnerability Media Exposure