PatchSiren

The Libreswan Project CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH The Libreswan Project CVE published 2026-07-02

CVE-2026-50722

CVE-2026-50722 is a high-severity vulnerability in Libreswan, a popular open-source VPN software. The vulnerability arises from improper verification of DER ASN.1 encoding in the IKEv2 AUTH payload, allowing remote attackers to forge AUTH payloads and impersonate legitimate users when small public exponents are used. Additionally, attackers can trigger a denial-of-service condition by encoding a shorter t [truncated]

HIGH The Libreswan Project CVE published 2026-07-02

CVE-2026-50721

A variation of the Bleichenbacher attack can be used to forge SIG payloads in Libreswan when small public exponents are used, potentially leading to impersonation. A remote attacker can also trigger a denial-of-service by encoding a shorter than expected hash in the SIG payload. The attack is limited to IKEv1 packets encoded using PKCS #1 RSA Encryption as per RFC 2313. Users of Libreswan should verify th [truncated]

HIGH The Libreswan Project CVE published 2026-07-02

CVE-2026-12413

A vulnerability in Libreswan's IKEv2 fragment handling could allow an attacker to cause a denial of service. The issue arises from an off-by-one error in the assertion PASSERT(logger, md->digest_roof < elemsof(md->digest)) within the reassemble_v2_incoming_fragments() function. This causes the Libreswan pluto daemon to crash and restart upon encountering an invalidly formatted IKEv2 fragment. While no rem [truncated]