CVE-2026-13122
Severity CVSS v4.0:
MEDIUM
Type:
Unavailable / Other
Publication date:
06/07/2026
Last modified:
06/07/2026
Description
OpenVPN version 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled
Impact
Base Score 4.0
5.90
Severity 4.0
MEDIUM



