Symlink Vulnerability in Tunnelblick Affects OpenVPN on macOS
CVE-2026-31893

6.8 MEDIUM

Key Information:

Vendor
CVE Published:
5 May 2026

What is CVE-2026-31893?

Tunnelblick, an open-source GUI for OpenVPN on macOS, contains a vulnerability that lets local users abuse the tunnelblick-helper process. The issue arises because the tunnelblickd Unix socket is misconfigured to be world-accessible, so any local user can connect to it without authorization. An attacker can create a .tblk directory under their control whose config.ovpn is a symlink to an arbitrary file, causing the privileged helper to read root-owned files on their behalf. The flaw is patched in version 9.0beta02.

Affected Version(s)

Tunnelblick >= 3.3beta26, < 9.0beta02

References

CVSS V4

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Requirements:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
