Back to VulnFeed / CVE-2026-35058
root@hackertop:~/vulnfeed/CVE-2026-35058#
CVE-2026-35058 LOW CVE ⚠ Unpatched · Zero-day◉ PoC 公开 Lifecycle 4/7

OpenVPN up to 2.6.19/2.7.1 Packet Length assertion

OpenVPN 26d ago Impact pending confirmation
LIFECYCLE
3.1 CVSS
Vulnerability Detail Mitigation Lifecycle CVSS Assessment
Vulnerability Description
A vulnerability classified as problematic was found in OpenVPN up to 2.6.19/2.7.1 (Network Encryption Software). This vulnerability affects some unknown processing of the component Packet Length Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Root Cause Analysis
The CWE definition for the vulnerability is CWE-617. The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

Impact: As an impact it is known to affect availability.

Countermeasure: There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Validation (PoC/EXP) - Looking for Contributors
No public PoC yet

Public validation traces already exist. Community contributors can extend them with richer reproduction content.

Contribute Your PoC/EXP
Log in to contribute PoC/EXP content. Log in
Back to VulnFeed
CVE-2026-35058 · CVSS 3.1 · Active Threat