QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-12106

Back to search

CVE-2025-12106

Published: Dec 1, 2025

Modified: Dec 1, 2025

PUBLISHED

Description

Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses

VendorProductVersions

OpenVPN

OpenVPN

affected
2.7_alpha1 - <= 2.7_rc1

Weaknesses (CWE)

CWE-126

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now