A critical bug in OpenVPN’s Windows driver (CVE-2025-50054) allows local attackers to crash systems using specially crafted messages. It affects versions up to 2.5.8 and driver 1.3.0. OpenVPN has released an alpha fix in version 2.7_alpha2. Users are advised to update or apply local access restrictions until a stable fix is available.