PT-2025-38497 · Purevpn · Purevpn
Anagogistis · Published 2025-09-18 · Updated 2025-09-22 · CVE-2025-59692
CVSS v3.1: 3.7 (Low)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
PureVPN versions 2.0.1 and 2.10.0
Description
PureVPN client applications on Linux mishandle firewalling. The applications flush existing iptables rules and apply default ACCEPT policies when connecting to a VPN server, removing previously configured firewall rules. Upon VPN disconnect, the original firewall state is not restored, potentially exposing the system to network traffic that was previously blocked.
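The following is an added example, not part of the advisory or of PureVPN's code: a POSIX shell check that diffs two `iptables-save` snapshots, one taken before connecting and one after disconnecting, and lists the chain policies and rules that were lost. The snapshot contents and the function names are constructed for illustration.

```shell
#!/bin/sh
# Capture real snapshots with: iptables-save > before.rules (repeat after disconnect).

# Constructed "before" snapshot: default-drop host with three INPUT rules.
sample_before() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Constructed "after" snapshot: rules flushed, policies set to ACCEPT.
sample_after() {
cat <<'EOF'
*filter
:INPUT ACCEPT [12:840]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [30:2100]
COMMIT
EOF
}

# Reduce a snapshot to "table policy CHAIN TARGET" and "table rule -A ..."
# lines, dropping packet counters and comments so only real state is compared.
normalize() {
    awk '/^\*/  { t = substr($0, 2); next }
         /^:/   { print t " policy " substr($1, 2) " " $2; next }
         /^-A / { print t " rule " $0 }' "$1" | sort
}

# Print every policy or rule present in snapshot $1 but absent from $2.
# Exit status: 0 nothing lost, 1 drift found, 2 could not create temp dir.
firewall_drift() {
    fd_dir=$(mktemp -d) || return 2
    normalize "$1" > "$fd_dir/before"
    normalize "$2" > "$fd_dir/after"
    fd_lost=$(comm -23 "$fd_dir/before" "$fd_dir/after")
    rm -rf "$fd_dir"
    [ -z "$fd_lost" ] && return 0
    printf '%s\n' "$fd_lost" | sed 's/^/LOST: /'
    return 1
}

if [ "$#" -eq 2 ]; then firewall_drift "$1" "$2"; fi
```

Run against the constructed samples, it reports the two DROP policies and the three INPUT rules as lost; a non-zero exit status makes it usable as a post-disconnect check that triggers `iptables-restore` from the saved snapshot.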
Recommendations
Update to a newer version of the PureVPN client application for Linux.
Affected Products
Purevpn