this is not the vulnerability you are looking for...
IPsec code in OpenBSD is source of constant discussions. it seems there’s no reason to panic (and OpenBSD penetration is anyway minimal), but there’s a lot of interesting discussions and rumours around code itself and it’s origin. in particular i’d recommend to read this short piece (and this tweet) with code references. they demonstrate for the n-th time, that OpenBSD team, and in particular Theo is really building creative marketing and at the same time patch bugs silently without disclosing them....