Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-2738
PUBLISHED
More InfoOfficial Page
Assigner-OpenVPN
Assigner Org ID-36a55730-e66d-4d39-8ca6-3c3b3017965e
View Known Exploited Vulnerability (KEV) details
Published At-19 Feb, 2026 | 20:00
Updated At-19 Feb, 2026 | 20:00
Rejected At-
▼CVE Numbering Authority (CNA)

Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet

Affected Products
Vendor
OpenVPN
Product
ovpn-dco-win
Repo
https://github.com/OpenVPN/ovpn-dco-win/
Platforms
  • Windows
Default Status
unaffected
Versions
Affected
  • 2.8.0
Problem Types
TypeCWE IDDescription
CWECWE-131CWE-131 Incorrect Calculation of Buffer Size
Type: CWE
CWE ID: CWE-131
Description: CWE-131 Incorrect Calculation of Buffer Size
Metrics
VersionBase scoreBase severityVector
4.05.6MEDIUM
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:P
Version: 4.0
Base score: 5.6
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:P
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://community.openvpn.net/Security%20Announcements/CVE-2026-2738
vendor-advisory
Hyperlink: https://community.openvpn.net/Security%20Announcements/CVE-2026-2738
Resource:
vendor-advisory
Details not found