PatchSiren

strongSwan CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH strongSwan CVE published 2026-03-23

CVE-2026-25075

A vulnerability was found in strongSwan versions 4.5.0 prior to 6.0.5. This issue is an integer underflow in the EAP-TTLS AVP parser, which allows unauthenticated remote attackers to cause a denial of service. The vulnerability is triggered by sending crafted AVP data with invalid length fields during IKEv2 authentication. Unaffected versions have addressed this vulnerability. Users should review their de [truncated]