CVE-2026-2738
Lifecycle Timeline
2DescriptionCVE.org
Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet
Analysis
Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet
Technical ContextAI
Classified as CWE-131 (Incorrect Calculation of Buffer Size). Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet
Affected ProductsAI
Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the
RemediationAI
Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.
Same weakness CWE-131 – Incorrect Calculation of Buffer Size
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today