CVE-2026-2638 - A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 thro

CVE-2026-40215 - A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attacker

CVE-2026-35058 - Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6

CVE-2026-50752 - A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an una

CVE-2026-50751 - A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1

CVE-2026-11406 - A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown cod

CVE-2026-10872 - A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function start_vpnserve

CVE-2025-12694 - A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-a

CVE-2026-50206 - Incoming VPN network profile settings fail to process special characters safely, enabling command in

CVE-2026-38707 - A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware

CVE-2026-38704 - A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmw

CVE-2026-38703 - A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmwa

CVE-2026-45929 - In the Linux kernel, the following vulnerability has been resolved: ovpn: fix possible use-after-fr

CVE-2026-45918 - In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sk

CVE-2026-9560 - Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows a

CVE-2026-48132 - The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is

CVE-2026-48131 - The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP duri

CVE-2018-25368 - Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to

CVE-2026-9456 - A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenV

CVE-2026-9455 - A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct

CVE-2026-9454 - A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the functi

CVE-2026-32323 - Mullvad VPN is a VPN client app for desktop and mobile. When using macOS with versions 2026.1 and be

CVE-2026-23998 - Fleet is open source device management software. Prior to version 4.81.0, a vulnerability in Fleet’s

CVE-2026-0257 - Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks

CVE-2026-0248 - An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome

CVE-2026-44343 - WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities aff

CVE-2026-45182 - GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a con

CVE-2026-41070 - openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC bas

CVE-2026-43254 - In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extracti

CVE-2026-31893 - Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 thr

CVE-2025-42611 - RouterOS provides various services that rely on correct verification of client and server certificat

CVE-2025-58074 - A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Mic

CVE-2026-7674 - A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects th

CVE-2026-7288 - A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function su

CVE-2026-7242 - A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function set

CVE-2026-7240 - A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects t

CVE-2026-7037 - A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the

CVE-2026-6644 - A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability al

CVE-2026-6643 - A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems

CVE-2026-6139 - A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function U

CVE-2021-47961 - A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows

CVE-2021-47960 - A files or directories accessible to external parties vulnerability in Synology SSL VPN Client befor

CVE-2026-6029 - A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the f

CVE-2026-33780 - A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning D

CVE-2026-33778 - An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by

CVE-2026-4116 - Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authent

CVE-2026-4114 - Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authent

CVE-2026-4113 - An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a

CVE-2024-1490 - An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the

CVE-2026-5850 - A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function s

CVE-2026-30817 - An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an

CVE-2026-30816 - An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows

CVE-2026-30815 - An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an au

CVE-2026-39312 - SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier,

CVE-2018-25241 - VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attacker

CVE-2018-25239 - Smart VPN 1.1.3.0 contains a denial of service vulnerability that allows local attackers to crash th

CVE-2021-4477 - Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec

CVE-2026-5355 - A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the function

CVE-2026-5354 - A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function

CVE-2026-34821 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34819 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the REMARK para

CVE-2026-34810 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34796 - Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands

CVE-2026-26352 - Smoothwall Express versions prior to 3.1 Update 13 contain a stored cross-site scripting vulnerabili

CVE-2026-5107 - A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type

CVE-2026-5105 - A vulnerability was detected in Totolink A3300R 17.0.0cu.557_b20221024. The affected element is the

CVE-2026-34391 - Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows

CVE-2026-30976 - Sonarr is a PVR for Usenet and BitTorrent users. In versions on the 4.x branch prior to 4.0.17.2950,

CVE-2026-30975 - Sonarr is a PVR for Usenet and BitTorrent users. Versions prior to 4.0.16.2942 have an authenticatio

CVE-2026-20012 - A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco

CVE-2026-4368 - Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL V

CVE-2019-25572 - NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the a