CVE-2026-2738

Summary

Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet

Affected Software

VendorProductVersion RangeStatus
OpenVPNovpn-dco-win2.8.0affected

Weaknesses

  • CWE-131: CWE-131 Incorrect Calculation of Buffer Size

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References