CVE-2026-11604
MediumCVSS 5.6Exploitation Probability (EPSS)
Low risk23th percentile — higher than 23% of all known CVEs
Summary
An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win versions 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash (denial of service).
Risk Assessment
This vulnerability may lead to system crashes, affecting the availability of services within the organization. A remote attacker with appropriate permissions could exploit this flaw to disrupt system operations.
Recommendation
It is recommended to update OpenVPN ovpn-dco-win to the latest version to mitigate this vulnerability. Additionally, monitoring system logs for potential exploitation attempts is advised.
Original NVD description (English source)
An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash (denial of service).

