CVE-2026-40215EPSS p37.7%

CVE-2026-40215CVE-2026-40215

Description

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion.

Scoring

EPSS0.48% probability of exploitation · percentile 37.7% · 2026-06-18T12:00:27Z
Last modified2026-06-09

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-35058
CVE
CVE-2025-12106
CVE
CVE-2026-11604
CVE
CVE-2025-10680
CVE
CVE-2026-5402
CVE
CVE-2026-33846
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.