CVE-2026-2738

Published: Feb 19, 2026

Modified: Feb 20, 2026

PUBLISHED

Description

Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet

Vendor	Product	Versions
OpenVPN	ovpn-dco-win	affected `2.8.0`

Weaknesses (CWE)

CWE-131

References

https://community.openvpn.net/Security%20Announcements/CVE-2026-2738

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-2738

Description

Affected Products

Weaknesses (CWE)

References