CVE Catalog

CVE-2026-11604

MediumCVSS 5.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.08%

23th percentile — higher than 23% of all known CVEs

Summary

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win versions 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash (denial of service).

Risk Assessment

This vulnerability may lead to system crashes, affecting the availability of services within the organization. A remote attacker with appropriate permissions could exploit this flaw to disrupt system operations.

Recommendation

It is recommended to update OpenVPN ovpn-dco-win to the latest version to mitigate this vulnerability. Additionally, monitoring system logs for potential exploitation attempts is advised.

Original NVD description (English source)

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash (denial of service).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS