Openbsd Security Vulnerabilities (CVEs)

Track 18 security vulnerabilities affecting Openbsd products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

4 Critical

9 High

5 Medium

Sort by:

🔔 Get Alerts for Openbsd

CVE-2025-32728 4.3

OpenSSH versions before 10.0 have a bug where the DisableForwarding directive fails to properly disable X11 and agent forwarding as documented. This a...

Apr 10, 2025

CVE-2025-30334 6.5

A vulnerability in OpenBSD's wg(4) WireGuard implementation allows specially crafted network traffic to cause a kernel crash (denial of service). This...

Mar 20, 2025

CVE-2025-26465 6.8

This OpenSSH vulnerability allows machine-in-the-middle attacks when VerifyHostKeyDNS is enabled. Attackers can impersonate legitimate servers by expl...

Feb 18, 2025

CVE-2024-11149 7.9

This vulnerability in OpenBSD's vmm(4) hypervisor fails to properly restore GDTR limits on Intel VMX CPUs, potentially allowing a malicious virtual ma...

Dec 6, 2024

CVE-2024-10933 5.0

This vulnerability in OpenBSD's readdir function allows directory traversal attacks when processing untrusted file systems. Attackers could potentiall...

Dec 5, 2024

CVE-2024-11148 7.5

This vulnerability allows remote attackers to cause a denial-of-service (DoS) by sending a malformed FastCGI request to OpenBSD's httpd server. The NU...

Dec 5, 2024

CVE-2024-10934 9.8

This CVE describes a double free vulnerability in the NFS client and server implementation in OpenBSD, which could allow attackers to execute arbitrar...

Nov 15, 2024

CVE-2021-34999 5.5

This vulnerability in OpenBSD's kernel multicast routing implementation allows local attackers to read uninitialized kernel memory, potentially disclo...

May 7, 2024

CVE-2024-29937 9.8

This critical vulnerability in NFS implementations allows remote attackers to execute arbitrary code on affected systems without requiring authenticat...

Apr 11, 2024

CVE-2023-52557 7.5

This vulnerability in OpenBSD's npppd (Point-to-Point Protocol daemon) allows remote attackers to cause a denial of service by sending specially craft...

Mar 1, 2024

CVE-2023-51767 7.0

This CVE describes a potential row hammer attack vulnerability in OpenSSH that could allow authentication bypass. An attacker with physical access to ...

Dec 24, 2023

CVE-2023-35784 9.8

This vulnerability in OpenBSD and LibreSSL allows memory corruption through double-free or use-after-free conditions in SSL_clear function. Attackers ...

Jun 16, 2023

CVE-2021-46880 9.8

This vulnerability in LibreSSL and OpenBSD's certificate verification allows authentication bypass by discarding errors for unverified certificate cha...

Apr 15, 2023

CVE-2023-27567 7.5

A kernel crash vulnerability in OpenBSD 7.2 occurs when a TCP packet with destination port 0 matches a pf divert-to rule, causing a denial of service....

Mar 3, 2023

CVE-2022-27881 7.5

This is a heap buffer overflow vulnerability in OpenBSD's slaacd daemon, triggered by malicious IPv6 router advertisements containing more than seven ...

Mar 25, 2022

CVE-2019-25048 7.1

This vulnerability in LibreSSL allows attackers to read beyond allocated heap memory boundaries when processing ASN.1 data structures. It affects syst...

Jul 1, 2021

CVE-2010-4816 7.5

A null pointer dereference vulnerability in the FTP daemon (ftpd) of affected FreeBSD and OpenBSD systems allows remote attackers to crash the ftpd se...

Jun 22, 2021

CVE-2021-28041 7.1

This CVE describes a double-free vulnerability in ssh-agent component of OpenSSH versions before 8.5. It could allow attackers to potentially execute ...

Mar 5, 2021

Why Monitor Openbsd Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 18+ known vulnerabilities affecting Openbsd products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Openbsd packages in under 60 seconds. No agents required - completely agentless scanning that works across Openbsd deployments.

Free vulnerability database: Access detailed information about every Openbsd CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Openbsd CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Openbsd CVEs Free