CVE-2026-9560: connect vulnerability

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel
CVE-2026-9560CVSS 9.4VPN

CVE-2026-9560: connect vulnerability

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel

CVSS
9.4 CRITICAL
EPSS
43.18%
Known exploited
not in KEV
Product
connect

What is known

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel

Sources