Bug #16831: OpenVPN CVE-2026-40215 - pfSense Plus - pfSense bugtracker

Actions

Copy link

Bug #16831

closed

OpenVPN CVE-2026-40215

Added by Kris Phillips 9 days ago. Updated 8 days ago.

Status:

Closed

Priority:

Normal

Assignee:

Christian McDonald

Category:

OpenVPN

Target version:

Start date:

Due date:

% Done:

Estimated time:

Release Notes:

Default

Affected Plus Version:

26.03

Affected Architecture:

All

Description

Current version of OpenVPN in pfSense Plus 26.03:
OpenVPN 2.6.16 amd64-portbld-freebsd16.0 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] [DCO]

According to OpenVPN security advisories this version needs to be patched to 2.6.20 to resolve this security vulnerability:
https://community.openvpn.net/Security%20Announcements/CVE-2026-40215

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Plus

Custom queries

Bug #16831

OpenVPN CVE-2026-40215

Updated by Christian McDonald 9 days ago

Updated by Kris Phillips 9 days ago

Updated by Kris Phillips 8 days ago