Unrated severityNVD Advisory· Published Dec 3, 2025· Updated Dec 12, 2025
CVE-2025-13086
CVE-2025-13086
Description
Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7_alpha1 through 2.7_rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- community.openvpn.net/Security%20Announcements/CVE-2025-13086mitrevendor-advisory
- www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00151.htmlmitrerelease-notes
- www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00152.htmlmitrerelease-notes
News mentions
0No linked articles in our index yet.