Key Findings Critical privilege escalation vulnerability (CVE-2026-9560, CVSS 9.4) in OpenVPN Connect for macOS allows local attackers to gain root access Affected versions 3.5.1 through 3.8.1 contain insecure local IPC handling in the privileged helper component Version 3.8.2 patches the vulnerability along with authentication and profile management bugs Enterprise deployments require immediate updates to secure corporate endpoints Multiple critical flaws discovered in Veeam