QwikSec

Security Database

CVE

CWE

Training

CVE-2025-13086

Published: Dec 3, 2025

Modified: Dec 12, 2025

PUBLISHED

Description

Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7_alpha1 through 2.7_rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client

Vendor	Product	Versions
OpenVPN	OpenVPN	affected `2.6.0 - <= 2.6.15` affected `2.7_alpha1 - <= 2.7_rc1`

Weaknesses (CWE)

References

https://community.openvpn.net/Security%20Announcements/CVE-2025-13086

vendor-advisory

https://www.mail-archive.com/[email protected]/msg00152.html

release-notes

https://www.mail-archive.com/[email protected]/msg00151.html

release-notes

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.