Every CVE whose affected-product data names Openvpn Connect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2026-9560 — CVSS 7.8 (high): Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands…
CVE-2020-9442 — CVSS 7.8 (high): OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local…
CVE-2021-3613 — CVSS 7.8 (high): OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if…
CVE-2023-7224 — CVSS 7.8 (high): OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external third party libraries using the…
CVE-2023-7245 — CVSS 7.8 (high): The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not properly configured, which allows a local user to…
CVE-2024-8474 — CVSS 7.5 (high): OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log…
CVE-2020-15075 — CVSS 7.1 (high): OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it should not have access via symlinks in…
CVE-2022-3761 — CVSS 5.9 (medium): OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows) allows man-in-the-middle attackers to…