{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-59691", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-09-19T13:08:52.061Z", "dateReserved": "2025-09-18T00:00:00.000Z", "datePublished": "2025-09-18T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "PureVPN", "vendor": "PureVPN", "versions": [{"status": "affected", "version": "CLI 2.0.1", "versionType": "custom"}, {"status": "affected", "version": "GUI 2.10.0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In the GUI client, the IPv6 connection remains functional after disconnection until the user clicks Reconnect. In both cases, the real IPv6 address is exposed to external services, violating user privacy and defeating the advertised IPv6 leak protection. This affects CLI 2.0.1 and GUI 2.10.0."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-669", "description": "CWE-669 Incorrect Resource Transfer Between Spheres", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-09-18T22:58:26.187Z"}, "references": [{"url": "https://anagogistis.com/posts/purevpn-ipv6-leak/"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:purevpn:purevpn:*:*:*:*:*:*:*:*", "versionStartIncluding": "CLI 2.0.1", "versionEndIncluding": "CLI 2.0.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:purevpn:purevpn:*:*:*:*:*:*:*:*", "versionStartIncluding": "GUI 2.10.0", "versionEndIncluding": "GUI 2.10.0"}]}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-19T13:08:42.717940Z", "id": "CVE-2025-59691", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-19T13:08:52.061Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "PureVPN", "product": "PureVPN", "versions": [{"status": "affected", "version": "CLI 2.0.1", "versionType": "custom"}, {"status": "affected", "version": "GUI 2.10.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "references": [{"url": "https://anagogistis.com/posts/purevpn-ipv6-leak/"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In the GUI client, the IPv6 connection remains functional after disconnection until the user clicks Reconnect. In both cases, the real IPv6 address is exposed to external services, violating user privacy and defeating the advertised IPv6 leak protection. This affects CLI 2.0.1 and GUI 2.10.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-669", "description": "CWE-669 Incorrect Resource Transfer Between Spheres"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:purevpn:purevpn:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "CLI 2.0.1", "versionStartIncluding": "CLI 2.0.1"}, {"criteria": "cpe:2.3:a:purevpn:purevpn:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "GUI 2.10.0", "versionStartIncluding": "GUI 2.10.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-09-18T22:58:26.187Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-59691", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-19T13:08:42.717940Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2025-09-19T13:08:47.118Z"}}]}, "cveMetadata": {"cveId": "CVE-2025-59691", "state": "PUBLISHED", "dateUpdated": "2025-09-18T22:58:26.187Z", "dateReserved": "2025-09-18T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-09-18T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In the GUI client, the IPv6 connection remains functional after disconnection until the user clicks Reconnect. In both cases, the real IPv6 address is exposed to external services, violating user privacy and defeating the advertised IPv6 leak protection. This affects CLI 2.0.1 and GUI 2.10.0."}], "id": "CVE-2025-59691", "lastModified": "2025-09-19T16:00:27.847", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-09-18T23:15:34.310", "references": [{"source": "[email protected]", "url": "https://anagogistis.com/posts/purevpn-ipv6-leak/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-669"}], "source": "[email protected]", "type": "Primary"}]}

{}