Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition

Description

A vulnerability, which was classified as problematic, was found in SoftEtherVPN up to 5.2.5188. Affected by this issue is some unknown functionality. Executing a manipulation can lead to uncontrolled memory allocation.

Affected Products

Vendor	Product	Versions
softether	softether vpn	<= 5.2.5188

References

https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-q5g3-qhc6-pr3h(x_refsource_CONFIRM)

Related News (1 articles)

Tier C

VulDB5h ago

CVE-2026-39312 | SoftEtherVPN up to 5.2.5188 memory allocation (GHSA-q5g3-qhc6-pr3h)

→ No new info (linked only)

CVSS 3.17.5 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA KEV❌ No

Actively exploited❌ No

CWECWE-789

PublishedApr 7, 2026

Last enriched4h agov2

Trending Score44

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

Version History

Last enriched 4h ago

v2Tier C4h ago

Updated description with new details about uncontrolled memory allocation and corrected exploit availability status.

description

via VulDB

v16h ago

Initial creation