Gemreda

**Name of the Vulnerable Software and Affected Versions** ProtonVPN version 1.26.0 **Description** ProtonVPN version 1.26.0 has an issue with an unquoted service path in its WireGuard service configuration. This could allow local attackers to potentially run arbitrary code. The issue arises because of the unquoted path, enabling attackers to place malicious executables in specific file system locations. This allows them to gain higher privileges when the service starts. **Recommendations** Update to a newer version that contains a fix for this vulnerability.