Low severity3.1OSV Advisory· Published Apr 16, 2025· Updated Apr 15, 2026
CVE-2025-32787
CVE-2025-32787
Description
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in DeleteIPv6DefaultRouterInRA called by StorePacket. Before dereferencing, DeleteIPv6DefaultRouterInRA does not account for ParsePacket returning NULL, resulting in the program crashing. A patched version does not exist at this time.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
25.02.5184, 5.02.5185, 5.02.5186, …+ 1 more
- (no CPE)range: 5.02.5184, 5.02.5185, 5.02.5186, …
- (no CPE)range: 5.02.5184 to 5.02.5187
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.