Skip to main content

Openvpn Connect

1 CVEs product

Monthly

CVE-2026-9560 CRITICAL Act Now

Local privilege escalation in OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows unprivileged local users to execute arbitrary OS commands as root by abusing an exposed local IPC channel to the privileged background service. The flaw carries a CVSS 4.0 score of 9.4 with scope change (SC:H/SI:H/SA:H), and SSVC rates technical impact as total, though there is no public exploit identified at time of analysis and EPSS is only 0.04%.

Apple Privilege Escalation Command Injection Openvpn Connect
NVD VulDB
CVSS 4.0
9.4
EPSS
0.0%
EPSS 0% CVSS 9.4
CRITICAL Act Now

Local privilege escalation in OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows unprivileged local users to execute arbitrary OS commands as root by abusing an exposed local IPC channel to the privileged background service. The flaw carries a CVSS 4.0 score of 9.4 with scope change (SC:H/SI:H/SA:H), and SSVC rates technical impact as total, though there is no public exploit identified at time of analysis and EPSS is only 0.04%.

Apple Privilege Escalation Command Injection +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy