What is GHSA-26rp-gp3x-v78c?

GHSA-26rp-gp3x-v78c is a security advisory published by GitHub Security Advisories with Critical severity. Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS...

Which CVE IDs does GHSA-26rp-gp3x-v78c cover?

GHSA-26rp-gp3x-v78c covers the following CVE IDs: CVE-2026-9560. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-26rp-gp3x-v78c?

GHSA-26rp-gp3x-v78c has a CVSS v3 base score of 7.8, published by GitHub Security Advisories.

GHSA-26rp-gp3x-v78cCriticalCVSS 7.8

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 27, 2026

🔗 CVE IDs covered (1)

CVE-2026-9560 →

📋 Description

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-9560
https://openvpn.net/connect-docs/macos-release-notes.html
https://github.com/advisories/GHSA-26rp-gp3x-v78c