CVE-2026-11604: Buffer Overflow
Published Jun 10, 2026
An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash (denial of service).
Affected Software
1 affected component
OpenVPN ovpn-dco-win >=2.0.0, <=2.8.3
Event History
Jun 10, 2026
CVE Published via MITRE · 09:04 PM
Data Sourced via MITRE · 09:04 PM: Description, Weakness
Data Sourced via NVD · 10:16 PM: Description, Severity, Weakness
Frequently Asked Questions
1. What is the severity of CVE-2026-11604?
CVE-2026-11604 has a risk rating of 56, indicating a moderate severity level.
2. How do I fix CVE-2026-11604?
To mitigate CVE-2026-11604, upgrade OpenVPN ovpn-dco-win to version 2.8.4 or later.
3. What impact does CVE-2026-11604 have on my system?
CVE-2026-11604 may lead to a denial of service by causing system crashes due to a heap-based buffer overflow.
4. Who is affected by CVE-2026-11604?
CVE-2026-11604 affects users of OpenVPN ovpn-dco-win versions 2.0.0 through 2.8.3.
5. What type of vulnerability is CVE-2026-11604?
CVE-2026-11604 is classified as a Buffer Overflow vulnerability.