Unrated severityNVD Advisory· Published Dec 3, 2025· Updated Dec 12, 2025
CVE-2025-13086
CVE-2025-13086
Description
Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7_alpha1 through 2.7_rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13- osv-coords11 versionspkg:rpm/opensuse/openvpn-dco&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/openvpn&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/openvpn&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/openvpn-dco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/openvpn-dco&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/openvpn-dco&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 2.6.10-150600.3.20.1+ 10 more
- (no CPE)range: < 2.6.10-150600.3.20.1
- (no CPE)range: < 2.6.10-150600.3.20.1
- (no CPE)range: < 2.6.10-160000.3.1
- (no CPE)range: < 2.6.10-150600.3.20.1
- (no CPE)range: < 2.6.10-150600.3.20.1
- (no CPE)range: < 2.6.10-150600.3.20.1
- (no CPE)range: < 2.6.10-150600.3.20.1
- (no CPE)range: < 2.6.10-150600.3.20.1
- (no CPE)range: < 2.6.10-160000.3.1
- (no CPE)range: < 2.6.10-150600.3.20.1
- (no CPE)range: < 2.6.10-160000.3.1
Patches
Vulnerability mechanics
References
3- community.openvpn.net/Security%20Announcements/CVE-2025-13086mitrevendor-advisory
- www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00151.htmlmitrerelease-notes
- www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00152.htmlmitrerelease-notes
News mentions
0No linked articles in our index yet.