Vulnerability Description
openvpn-auth-oauth2 is a plugin/management-interface client for OpenVPN server that handles OIDC-based single sign-on (SSO) auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode (a shared library loaded by OpenVPN via the plugin directive), clients that do not support WebAuth/SSO (e.g., the openvpn CLI on Linux) are incorrectly admitted to the VPN despite being denied by the authentication logic: the deny decision is not carried through the OpenVPN plugin return code, so OpenVPN treats the connection as authenticated. The default management-interface mode is not affected because it does not use the OpenVPN plugin return-code mechanism. This issue has been patched in version 1.27.3.
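The following Go model is an added illustration of the return-code boundary the description refers to; it is not openvpn-auth-oauth2's code and not its actual fix. OpenVPN plugins report an authentication outcome with OPENVPN_PLUGIN_FUNC_SUCCESS (0), OPENVPN_PLUGIN_FUNC_ERROR (1) or OPENVPN_PLUGIN_FUNC_DEFERRED (2). A mapping that only handles the "SSO in progress" case and lets every other decision fall through to SUCCESS admits a client that cannot do WebAuth even though the auth logic denied it; the fail-closed mapping defaults to ERROR. The Decision type, the decide function, the two mapping functions and the reading of the IV_SSO peer-info variable from the plugin environment are assumptions made for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// Return codes an OpenVPN plugin hands back to the server (openvpn-plugin.h).
const (
	OpenVPNPluginFuncSuccess  = 0 // authenticate the client
	OpenVPNPluginFuncError    = 1 // reject the client
	OpenVPNPluginFuncDeferred = 2 // decision will arrive later (SSO flow)
)

// Decision is the outcome of a hypothetical SSO authentication step.
type Decision int

const (
	DecisionAllow     Decision = iota // an existing session is valid
	DecisionDeferSSO                  // client supports webauth; SSO started
	DecisionDenyNoSSO                 // client cannot do webauth; must be rejected
)

// supportsWebAuth reads the IV_SSO peer-info value (e.g. "webauth,openurl")
// that OpenVPN clients advertise and the server exports to auth plugins
// (assumed here to be present in the plugin environment as IV_SSO).
func supportsWebAuth(env map[string]string) bool {
	for _, method := range strings.Split(env["IV_SSO"], ",") {
		if strings.TrimSpace(method) == "webauth" {
			return true
		}
	}
	return false
}

// decide is a constructed stand-in for the authentication logic: a client
// that cannot complete WebAuth is denied, everyone else is sent into SSO.
func decide(env map[string]string) Decision {
	if !supportsWebAuth(env) {
		return DecisionDenyNoSSO
	}
	return DecisionDeferSSO
}

// returnCodeFailOpen models the bug class: only the deferred path is mapped
// explicitly and every other decision, including a deny, falls through to
// SUCCESS, so OpenVPN admits the denied client.
func returnCodeFailOpen(d Decision) int {
	if d == DecisionDeferSSO {
		return OpenVPNPluginFuncDeferred
	}
	return OpenVPNPluginFuncSuccess
}

// returnCodeFailClosed maps each allow/defer decision explicitly and makes
// ERROR the default, so an unhandled or deny decision can never admit a client.
func returnCodeFailClosed(d Decision) int {
	switch d {
	case DecisionAllow:
		return OpenVPNPluginFuncSuccess
	case DecisionDeferSSO:
		return OpenVPNPluginFuncDeferred
	default:
		return OpenVPNPluginFuncError
	}
}

func main() {
	// Constructed peer-info for a CLI client without SSO support and a GUI
	// client that advertises webauth.
	clients := map[string]map[string]string{
		"cli": {"IV_VER": "2.6.8", "IV_PLAT": "linux"},
		"gui": {"IV_VER": "3.8", "IV_SSO": "webauth,openurl"},
	}
	for name, env := range clients {
		d := decide(env)
		fmt.Printf("%s: fail-open code=%d fail-closed code=%d\n",
			name, returnCodeFailOpen(d), returnCodeFailClosed(d))
	}
}
```

The point of the two mappings is the default branch: the plugin API has no "denied" code other than ERROR, so any decision the bridge does not name must resolve to ERROR, never to SUCCESS. In the management-interface mode the same deny is delivered as a management command rather than a return code, which is why the description says that mode is unaffected.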
CVSS Score
10.0 (CRITICAL)
Related Weaknesses (CWE)
References
- https://github.com/jkroepke/openvpn-auth-oauth2/commit/36f69a6c67c1054da7cbfa04c
- https://github.com/jkroepke/openvpn-auth-oauth2/security/advisories/GHSA-246w-jg
FAQ
What is CVE-2026-41070?
CVE-2026-41070 is an authentication bypass in openvpn-auth-oauth2, the OIDC single sign-on (SSO) plugin/management-interface client for OpenVPN server, with a CVSS score of 10.0 (CRITICAL). In versions from 1.26.3 before 1.27.3, the experimental plugin mode admits clients that do not support WebAuth/SSO (for example the openvpn CLI on Linux) even though the authentication logic denied them, because the denial is not reflected in the OpenVPN plugin return code. The default management-interface mode is not affected.
How severe is CVE-2026-41070?
CVE-2026-41070 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-41070?
Yes. The issue is fixed in openvpn-auth-oauth2 version 1.27.3; upgrade any plugin-mode deployment running 1.26.3 or later to 1.27.3 or newer. Deployments using the default management-interface mode are not affected. The fixing commit and the GitHub security advisory are listed in the references section above.